Does your website have a "buy now" button? If it does, a hacker can steal your customers’ credit card information. That’s a hard lesson learned by counterfeit sneaker websites after a massive attack.
In December 2019, sneakerheads got a big surprise: a large-scale hacking operation. The series of attacks targeted hundreds of counterfeit sneaker websites, which allowed the hackers to steal credit card information from customers looking for a bargain.
Malwarebytes Labs, a company committed to protecting consumers from malware, recently discovered malicious scripts called "Magecart attacks" installed on hundreds of counterfeit sneaker sites. The scripts scan credit card information from buyers and send them to a remote server operated by hackers.
You might be wondering what any of that has to do with you. Well, if you're storing customers' credit card data, you're a potential target for this kind of scheme too.
At ITS, we've been helping our clients bolster their cybersecurity efforts for almost 20 years. We are dedicated to providing businesses with useful knowledge and tips to prevent them from falling victim to cyber-attacks. In this article, we'll explain how the magecart attack was done, what you can learn from it, and how to keep it from happening to you.
How Hackers Defrauded Counterfeit Sneaker Customers
According to the investigation conducted by Malwarebytes Labs, the attackers conducted a mass scan of vulnerable websites that were running on the Magento eCommerce platform or other outdated PHP versions. That allowed them to find the sites and inject a credit card skimmer into them.
The hackers then promoted these infected counterfeit sites through posts and forums that lured unsuspecting users back to the site. It's there that consumers were able to find attractive deals like Nike shoes that were once offered at $2,000 being sold at $134. Unfortunately, once customers used their card for the purchase, it sent their details to a certain IP address where the hackers could collect them at a later time.
"Unfortunate shoppers may not only be disappointed with the faux merchandise, but they will also relinquish their personal and financial data to Magecart fraudsters," explained Malwarebytes Labs' threat intelligence researcher, Jérôme Segura.
What You Should Take Away from the Magecart Attacks
While the counterfeit websites were also on the wrong side of the law in this story, it doesn't mean legitimate businesses like yours are not vulnerable to this type of attack.
If there's one takeaway your business should glean from all of this, it's that you shouldn't use outdated stuff. The hacker hit the jackpot when he found a string of counterfeit sneaker websites, all written in outdated PHP. From then on, it was easy pickings.
Whether it's your website, your software, or your operating system, remember to patch, update or upgrade. Using outdated software or services can only lead to negative outcomes. You might think you're saving money by skimping on updates and security patches, but you'll end up causing performance bottlenecks and exposing your business to cyber-attacks which will cost you more in the long run.
How to Prevent it From Happening to Your Business
If you want to prevent this type of attack, you need to ensure you're working with the latest version of the software or service you are using. It might sound simple, but with everything happening in and around your business, it can be hard to keep up.
Your IT team might be bogged down by day-to-day issues or big projects that can prevent them from staying on top of everything. If that issue sounds familiar, you might want to consider a co-managed solution by hiring a managed service provider (MSP) to help out.
A reliable MSP can keep your systems up-to-date and provide support for your in-house IT department. That way, your business will always have all its bases covered so you can focus on the thing that matters most: serving your customers safely.
Ready to Learn More Ways to Protect Your Business?
When your website deals with customers' credit card data, your value as a target increases tenfold. Ensuring that your website is secure and running on the latest systems should be your bare minimum to protect sensitive information from being stolen. A co-managed solution can help keep systems up to date and fill in any security gaps your current setup might have.
At ITS, we've helped hundreds of businesses make smart decisions when securing their networks and online assets. If you want to learn more ways to secure your website, check out our article on what businesses need to know about SSL.