ter cuidado: Scripts maliciosos JS roubar cartão de crédito de dados de sites
CYBER NEWS

ter cuidado: Scripts maliciosos JS roubar cartão de crédito de dados de sites

dados de cartão de crédito é mais uma vez em perigo de ser roubado devido à campanha ativa envolvendo mais de uma centena de e-commerce sites.

Qihoo 360’s NetLab researchers came across an ongoing campaign targeting credit card details while observing www.magento-analytics[.]com, a malicious domain, for several months.




Malicious JS Scripts Inserted into Online Shopping Websites

The results of these observations revealed that attackers have been injecting malicious JS scripts hosted on this domain into a large number of online shopping websites.

De acordo com relatório dos pesquisadores, the domain name magento-analytics[.]com appeared on their DNSMon radar, a network-wide DNS malicious domain analysis system, in October last year.

What is interesting is that the domain name appears to be registered in Panama but it kelp moving aroung – first from Arizona to Moscow, then to Hong Kong, which prompted further analysis. Durante a investigação, the researchers discovered that “the domain name has been hosting a lot of JS scripts since the beginning of December, and most of the components are very similar”.

relacionado: Sites infectados com Magecart Malware infectado várias vezes.

These scripts include digital credit card skimming code which, após a execução, automatically harvests payment card data including card holder’s name, Número do Cartão de Crédito, CVV digits.

Contudo, 105 websites were found containing the JS loaded. An example is the www.kings2.com domain. When a user loads its homepage, the JS is set to run as well. If a user selects a product and goes to thePayment Informationto submit the credit card information, after the CVV data is entered, the credit card information will also be uploaded, segundo o relatório.

Here’s a list of the domains targeted in this campaign:

adirectholdings[.]com
adm[.]sieger-trophaen[.]de
adventureequipment[.]com[.]o
alkoholeswiata[.]com
alphathermalsystems[.]com
ameta-anson[.]com
ametagroup[.]com
ametawest[.]com
appliancespareparts[.]com[.]o
armenianbread[.]com
autosportcompany[.]nl
bagboycompany[.]com
boardbookalbum[.]biz
boardbookalbum[.]com
boardbookalbum[.]líquido
boardbookalbums[.]biz
boardbookalbums[.]líquido
burmabibas[.]com
businesstravellerbags[.]com
clotures-electriques[.]fr
cltradingfl[.]com
colorsecretspro[.]com
connfab[.]com
cupidonlingerie[.]fr
devantsporttowels[.]com
diamondbladedealer[.]com
digital-2000[.]com
emersonstreetclothing[.]com
equalli[.]com
equalli[.]co[.]uk
equalli[.]de
eu[.]twoajewelry[.]com
eyeongate[.]líquido
fitnessmusic[.]com
fluttereyewear[.]com
freemypaws[.]informações
gabelshop[.]ch
gosuworld[.]com
hotelcathedrale[.]estar
huntsmanproducts[.]com[.]o
iconicpineapple[.]com
ilybean[.]com
imitsosa[.]com
jasonandpartners[.]com[.]o
jekoshop[.]com
jekoshop[.]de
junglefeveramerica[.]com
kermanigbakery[.]com
kermanigfoods[.]com
kings2[.]com
koalabi[.]com
lamajune[.]com
li375-244[.]membros[.]linode[.]com
libertyboutique[.]com[.]o
lighteningcornhole[.]com
lighting-direct[.]com[.]o
lightingwill[.]com
liquorishonline[.]com
lojacristinacairo[.]com[.]br
magformers[.]com
maxqsupport[.]com
mdcpublishers[.]com
meizitangireland[.]com
mockberg[.]com
monsieurplus[.]com
mont[.]com[.]o
mtbsale[.]com
noirnyc[.]com
nyassabathandbody[.]com
pgmetalshop[.]com
pinkorchard[.]com
pizzaholic[.]líquido
powermusic[.]com
prestigeandfancy[.]com
prestigebag[.]com
prestigefancy[.]com
prestigepakinc[.]com
prettysalonusa[.]com
promusica[.]ou seja
qspproducts[.]com
qspproducts[.]nl
qspracewear[.]nl
rightwayhp[.]com
safarijewelry[.]com
schogini[.]biz
shopatsimba[.]com
spalventilator[.]nl
spieltraum-shop[.]de
storageshedsoutlet[.]com
stylishfashionusa[.]com
suitpack[.]co[.]uk
svpmobilesystems[.]com
task-tools[.]com
tiroler-kraeuterhof[.]em
tiroler-kraeuterhof[.]com
tiroler-kraeuterhof-naturkosmetik[.]com
ucc-bd[.]com
ussi-md[.]com
utvcover[.]com
vezabands[.]com
vitibox[.]co[.]uk
waltertool[.]informações
waltertool[.]org
waltertools[.]com
workoutmusic[.]com

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerenciador de conteúdo que foi com SensorsTechForum desde o início. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...