Segway, the company most famous for its two-wheeled “hoverboard”, has confirmed it suffered a cyberattack that saw it leak credit card data to malicious actors.
The company’s online store was breached sometime around January 6, 2022 (possibly even earlier), by a group known as Magecart Group 12. As the name suggests, the group works to steal credit card information by integrating the Magecart script onto vulnerable online stores. The script intercepts transaction data during the checkout in an online store, which is a process also known as form jacking, digital skimming, or e-skimming.
Cybersecurity researchers from Malwarebytes, which first spotted the breach, said it’s likely that the malicious actors exploited a vulnerability in the Magento CMS that the store uses. Once the CMS was breached, they embedded the skimmer in the last place anyone would look – the favicon files, images that are used to display small icons, such as website logos, in the web page browser tab.
Hiding malware in icons
This particular image, Malwarebytes further explains, pretends to display the site’s copyright. On the surface, it does just that, but beneath, it loads an external favicon that holds the malicious JavaScript.
What makes it difficult for security pros to spot this script is the fact that it won’t be seen unless the page is analyzed with a hex editor. BleepingComputer claims that this technique has been “well-documented”, and that it’s been used by “skillful” Magecart groups, for years now.
Claire's, Tupperware, Smith & Wesson, Macy's, and British Airways, have all been compromised in the same fashion, the company says.
As for Segway, most of its users come from the US (55%) and Australia (39%). We don’t know how many customers might be affected by this incident. Segway is yet to make an announcement, as the company’s newsroom page, blog, and Twitter account, have no mention of the breach.
Via: BleepingComputer
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba