UPDATED 20:25 EDT / MARCH 25 2020

Customer payment details stolen in hack of Tupperware website

Plastic container maker Tupperware Brands Corp. is the latest to fall victim to hackers, who stole customer payment details.

Discovered by researchers at Malwarebytes on March 20, the attack involved the placement of a fraudulent payment form designed to mimic the official payment form during the checkout process.

The form is triggered by malicious code hiding within an image file inserted onto the site. Customers are completely unaware that they are entering details on a fake payment form. The use of an image file with malicious code is notable because it evades traditional detection techniques.

Once customers enter their details into the malicious form and hit submit, they are shown an error disguised as a time-out message. The page is then reloaded and victims enter the information a second time on the legitimate page, none the wiser to what has happened.

As is usual with digital credit card skimmers, the form captures the payment details and then sends them to the cybercriminals behind the attack.

The researchers reached out to Tupperware via phone, email, Twitter and LinkedIn with no response, hence their decision to go public with their findings. Someone must have noticed the report since then, however, because the malicious image file was removed.

“We understand that businesses have been disrupted in light of the coronavirus crisis and that employees are working remotely, which accounts for delays,” Malwarebytes’ Jerome Segura told The Register. “Our decision to go public is to ensure that the problem is being looked at in a timely manner to protect online shoppers.”

With employees working from home and a surge in online shopping as coronavirus-related lockdowns see more people ordering goods online, the number of cyberattacks is expected to increase as hackers look to take advantage of the situation.

Despite reports of some cybercriminals encouraging others not to take advantage of the situation, nothing is sacred when it comes to targets, which in the last month have included hospitals treating coronavirus patients and even a medical company preparing to do a trial for a vaccine. NutriBullet LLC, the maker of a popular high-priced blender, was also targeted in a card skimming attack in late February.

Photo: Mark Larson/Wikimedia Commons
