New year, same hacking: Blue Bear Software and Focus Camera the latest Magecart victims
New year, same hacking, and this time Blue Bear Software and Focus Camera Inc. are the latest victims of Magecart attacks.
Magecart is a form of attack that hijacks customer information at the point of sale on websites, stealing all the details a customer inputs into a site to purchase a given product or service. It emerged in 2018 with an attack on British Airways Plc., spreading to Newegg Inc., the Infowars Store, Cathay Pacific Airways Ltd., Ticketmaster Entertainment Inc., Macy’s Inc., Sweaty Betty and Oxo International Ltd.
The story with both Blue Bear Software and Focus Camera could have been mostly cut-and-pasted from the previous Magecarts, but there is one slight variation that was interesting.
Bleeping Computer reported Tuesday that with the Focus Camera Magecart attack, those behind the hack pretended to be ZenDesk in an attempt to hide malicious traffic. Specifically, the attacker’s registered zdsassets.com, a domain that resembles ZenDesk’s legitimate “zdassets.com.”
Blue Bear Software, an administration and e-commerce platform for schools and other educational institutions, had data stolen in a Magecart attack between Oct. 1 and Nov. 13 last year. The data stolen included names, credit and debit card numbers, expiration dates, security codes and Blue Bear account usernames and passwords.
“This latest cyberattack on Blue Bear web stores attests once again to the fact that Magecart is here to stay,” Elad Shapira, head of research at security auditing firm Panorays Inc., told SiliconANGLE. “This time, the attack targeted an educational accounting software platform that parents use to pay for student fees, books and school supplies. Online retailers like Blue Bear are prime targets for Magecart, because data is easily stolen during checkout, often through third parties, as customers enter their credit cards.”
To prevent these attacks, he said, companies must put processes in place to manage and review their susceptibility to the Magecart threat in their cyber supply chain. “Doing so is important throughout the whole third-party business relationship, and should include continuous monitoring of third parties’ cyber posture,” he said.
PerimeterX Inc. senior security researcher Gadi Naveh noted that since most conventional businesses are moving to conduct their payments online, the attack landscape is shifting to compromise those payments.
“Stores using physical payment methods have learned their lesson and invested in preventive methods to block point-of-sale credit card theft,” Naveh explained. “Online stores should also add preventive measures to protect their users from data breaches resulting from online skimmers and Magecart attacks. As the case of Blue Bear shows, even a third-party payment vendor intended to improve security can be compromised.”
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.