6000 Web shops hacked causing credit card codes’ losses


Almost 6,000 web shops are unknowingly harbouring malicious code that is stealing the credit card details of customers, suggests research.

The code has been injected into the sites by cyberthieves, said Dutch developer Willem De Groot.

He found the 5,925 compromised sites by scanning for the specific signature of the data-stealing code in website software.

Some of the stolen data was sent to servers based in Russia, he said.

In a blogpost, Mr De Groot said the attacks exploited known vulnerabilities in several different widely used web retailing programs. Mr De Groot is co-founder and head of security at Dutch ecommerce site byte.nl

Having won access, the attackers injected a short chunk of obfuscated code that copied credit card and other payment information. Stolen data was being sold on dark web markets at a rate of about $30 (£25) per card, he said.

His research found nine separate types of skimming code on sites, suggesting many different crime groups were involved.

Mr De Groot said he had been investigating skimming since his own card details were stolen. His work revealed the first sites harbouring the malicious code in late 2015 but further research showed the skimming started in earnest in May 2015. By the end of that year about 3,500 sites had been compromised.

Since then, he said, the number of sites had grown to 5,925 with some harbouring skimming code for almost 18 months. Victims included carmakers, fashion firms, government sites and museums.

The code used to steal data steadily became more sophisticated and now makes efforts to hide itself and tackle more types of payment systems.

“New cases could be stopped right away if store owners would upgrade their software regularly,” wrote Mr De Groot. “But this is costly and most merchants don’t bother.”

Mr De Groot said some stores had taken action to flush out the skimming code and patch their stores after he published a list of compromised sites.

“I would recommend consumers to only enter their payment details on sites of known payment providers such as Paypal,” he told the BBC. “They have hundreds of people working on security, the average store probably has none.”

The views expressed in Op-Ed pieces are those of the author and do not purport to reflect the opinions or views of Libyan Express.
How to submit an Op-Ed: Libyan Express accepts opinion articles on a wide range of topics. Submissions may be sent to oped@libyanexpress.com. Please include ‘Op-Ed’ in the subject line.
You might also like

Submit a Correction

For: 6000 Web shops hacked causing credit card codes’ losses

Your suggestion have been successfully submitted

There was an error while trying to send your request. Please try again.

Libyan Express will use the information you provide on this form to be in touch with you and to provide updates and marketing.