Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack. The Magecart spinoff group targeted the wireless service provider in an odd choice of victim. Boom! Mobile's U.S. website recently fell victim to an e-commerce attack, putting online shoppers in danger of payment-card theft, researchers said.
Boom! Mobile’s U.S. website recently fell victim to an e-commerce attack, putting online shoppers in danger of payment-card theft, researchers said.
Boom! is a wireless provider that resells mobile phone plans from Verizon, AT&T and T-Mobile USA, under its own brand and with its own perks (the company boasts “great customer service” and no contracts). Up until yesterday, the provider’s main website was hosting malicious code, which lurked on the online checkout page and harvested online shoppers’ details.
The approach is reminiscent of core Magecart group attacks, but in this case, the attack was the work of the Fullz House group, according to Malwarebytes, which is a Magecart splinter group that’s mainly known for its phishing prowess.
“Most victims of Magecart-based attacks tend to be typical online shops selling various goods. However, every now and again we come across different types of businesses which were affected simply because they happened to be vulnerable,” Malwarebytes researchers said in a Monday post.
According to a review from Sucuri, boom[.]us was running PHP version 5.6.40, which reached end-of-life in January 2019. As of this writing, the website still has outdated status.
“This may have been a point of entry but any other vulnerable plugin could also have been abused by attackers to inject malicious code into the website,” researchers pointed out.
AppClues Infotech is a top Mobile App Development Company in USA building high-quality Android, iOS, and Native apps for Startups, SMBs, & Enterprises. Contact us now!
Experts Weigh in on E-Commerce Security Amid Snowballing Threats. How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike. ... But experts are warning retailers not to focus only on one threat or on protecting one particular system.
PWAs or mCommerce, with respect to the technology, here is your guide on how to convert your online eCommerce store into a mobile application.
Close to 2,000 e-commerce sites were infected over the weekend with a payment-card skimmer, maybe the result of a zero-day exploit.
Ortez provides e-commerce website development services in Dubai, India, Kuwait, Saudi Arabia, Qatar, Bahrain, Oman. e-business | electronic commerce.