Magecart’s Next Attack Resulted In ABS-CBN Data Breach

We’ve been hearing about the malicious attacks by Magecart attacks targeting multiple firms. After British Airways and Feedify, Magecart’s next target turned out to be a Filipino broadcasting giant ABS-CBN. The hackers allegedly moved customer data to the Russian servers after the ABS-CBN data breach.

Hackers Pilfered Customer Data In ABS-CBN Data Breach

Continuing on from their malicious activities, the infamous Magecart Gang recently targeted a Philippine-based broadcasting firm ABS-CBN. Reportedly, the ABS-CBN data breach exposed user data to the hackers who moved it to servers in Russia.

As disclosed by security researcher, Willem de Groot, the online store of ABS-CBN got hacked about a month ago. Explaining how he found that, he stated,

“I discovered the fraud campaign when I implemented new heuristics for my malware detection system this week. The (obfuscated) malware is located at store.abs-cbn.com/js/lib/ccard.js (archive.org). This specific file has not been modified since four weeks, suggesting the malware was injected on or before August 16th.”

According to his discovery, the hackers stole user data during this period. The breached data includes personal details as well as credit card information of customers who interacted with the website. He also found the stolen data stored on Russian servers.

“The stolen data is sent onwards to a server registered in Irkutsk, Russia. The credit cards and identities are then (presumably) sold on the black market.”

The hackers allegedly used browser-based interception techniques at the checkout. This technique works by bypassing HTTPS encryption. Thus, the attackers could easily grab explicit customer details.

The Hacking Attack Affected Two Online Stores

When Willem de Groot noticed the issue, he notified ABS-CBN officials. Initially, he did not get a response. However, after some time, the firm confirmed the data breach in two of its online stores in a media release. The breached online stores included the ABS-CBN Store and UAAP Store websites that affected 213 customers. After the incident, both the sites went offline temporarily. Though, the firm confirmed that other “digital properties” remained unaffected. As stated,

“This data breach incident is isolated only to the ABS-CBN Store and the UAAP Store websites and does not affect other ABS-CBN digital properties.”

Let us know your thoughts.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients