Wednesday, May 08, 2019

Shopping Online, Avoid these sites unless you want your Credit Card data skimmed with magento-analytics.

dns_compare-1
Shopping Online, Avoid these sites unless you want your Credit Card data skimmed. An ARS report based on information from Netlab 360, clearly indicates how these companies do not care at all for your security, as skimming campaign continues to infect sites with malicious JavaScript, it seems preventive efforts are below the line.
“This isn't a new campaign, as the domain has been around for several months already, but it is one of the more active ones, according to our telemetry stats, We block an average of 100 connections to this domain daily from Malwarebytes users that visit an online store that's been hacked.” said Jérôme Segura, head of threat intelligence at security provider Malwarebytes. Segura pointed to this search query that showed 203 sites had been affected by the campaign. It appeared that some of the sites listed were no longer executing code hosted on magento-analytics,com, most likely because they had been disinfected after being indexed.
Most of the compromises reported by Netlab 360 appear to be hitting niche sites, but at least six of them are part of the Alexa top 1 million. They include:

    mitsosa,com
    alkoholeswiata,com
    spieltraum-shop,de
    ilybean,com
    mtbsale,com
    ucc-bd,com

The compromises reported by Netlab 360 are part of a rash of infections that came to light starting late last year affecting, among others, sites for British Airways, Newegg, and seven other businesses with more than 500,000 collective visitors per month.
According to ARS, Historical IP and whois records show that magento-analytics[.]com has no relation to Magento, the e-commerce CMS that Adobe acquired last year. Attackers likely picked the name to confuse administrators of infected sites.


The full list of sites in Netlab 360's report is:
adirectholdings,com
adm,sieger-trophaen,de
adventureequipment,com,au
alkoholeswiata,com
alphathermalsystems,com
ameta-anson,com
ametagroup,com
ametawest,com
appliancespareparts,com,au
armenianbread,com
autosportcompany,nl
bagboycompany,com
boardbookalbum,biz
boardbookalbum,com
boardbookalbum,net
boardbookalbums,biz
boardbookalbums,net
burmabibas,com
businesstravellerbags,com
clotures-electriques,fr
cltradingfl,com
colorsecretspro,com
connfab,com
cupidonlingerie,fr
devantsporttowels,com
diamondbladedealer,com
digital-2000,com
emersonstreetclothing,com
equalli,com
equalli,co,uk
equalli,de
eu,twoajewelry,com
eyeongate,net
fitnessmusic,com
fluttereyewear,com
freemypaws,info
gabelshop,ch
gosuworld,com
hotelcathedrale,be
huntsmanproducts,com,au
iconicpineapple,com
ilybean,com
imitsosa,com
jasonandpartners,com,au
jekoshop,com
jekoshop,de
junglefeveramerica,com
kermanigbakery,com
kermanigfoods,com
kings2,com
koalabi,com
lamajune,com
li375-244,members,linode,com
libertyboutique,com,au
lighteningcornhole,com
lighting-direct,com,au
lightingwill,com
liquorishonline,com
lojacristinacairo,com,br
magformers,com
maxqsupport,com
mdcpublishers,com
meizitangireland,com
mockberg,com
monsieurplus,com
mont,com,au
mtbsale,com
noirnyc,com
nyassabathandbody,com
pgmetalshop,com
pinkorchard,com
pizzaholic,net
powermusic,com
prestigeandfancy,com
prestigebag,com
prestigefancy,com
prestigepakinc,com
prettysalonusa,com
promusica,ie
qspproducts,com
qspproducts,nl
qspracewear,nl
rightwayhp,com
safarijewelry,com
schogini,biz
shopatsimba,com
spalventilator,nl
spieltraum-shop,de
storageshedsoutlet,com
stylishfashionusa,com
suitpack,co,uk
svpmobilesystems,com
task-tools,com
tiroler-kraeuterhof,at
tiroler-kraeuterhof,com
tiroler-kraeuterhof-naturkosmetik,com
ucc-bd,com
ussi-md,com
utvcover,com
vezabands,com
vitibox,co,uk
waltertool,info
waltertool,org
waltertools,com
workoutmusic,com
 

No comments: