North Korean hackers stealing online shoppers' data in US, Europe - San Francisco News
by Maria Thomas
Updated Jul 06, 2020
Dutch cyber security company Sansec has found proof of global web skimming activity that has multiple, independent links to previously documented and North Korea attributed hacking operations.
"Hackers associated with the APT Lazarus/ HIDDEN COBRA group were found to be breaking into online stores of large US retailers and planting payment skimmers as early as May 2019," said the report.
Previously, North Korean hacking activity was mostly restricted to banks and South Korean crypto markets, covert cyber operations that earned hackers $2 billion.
New research shows that they have now extended their portfolio with the profitable crime of digital skimming.
Digital skimming, also known as Magecart, is the interception of credit cards during online store purchases.
This type of fraud has been growing since 2015 and was traditionally dominated by Russian and Indonesian-speaking hacker groups.
"This is no longer the case, as the incumbent criminals now face competition from their North Korean counterparts," said the report.
In order to intercept transactions, an attacker needs to modify the computer code that runs an online store.
HIDDEN COBRA managed to gain access to the store code of large retailers such as international fashion chain Claire's.
"How HIDDEN COBRA got access is yet unknown, but attackers often use spearphishing attacks (booby-trapped emails) to obtain the passwords of retail staff," the security researchers mentioned.
Curiously, HIDDEN COBRA used the sites of an Italian modeling agency and a vintage music store from Tehran to run its global skimming campaign.
Sansec monitored millions of online stores for skimming activity and found 30 to 100 infected online stores per day.
Additionally, the US-based security firm Rewterz has reported a spearphishing attack targeting attendees of the annual Consumer Electronics Show (CES) in Las Vegas that was widely reported.
Related Articles
- Optical Illusion Brain Test: If you have Sharp Eyes Find the Number 442 in 20 Secs
- London-based firm Nothing to release its Phone (2)
- Covid will continue to cause mini-waves, not become seasonal yet: Scientists
- Hackers offering crypto accounts for as low as $30 on darknet
- Reddit's new feature to allow users to share its content on other platforms
- Surgical masks can help kids fight respiratory infections: Study
- LinkedIn's new AI feature to write messages to hiring team
- Microsoft introduces Xbox Game Pass' new Friend Referral programme
- Disbursed over Rs 31 cr in claims to delivery partners in FY22-23: Swiggy
- India emerging as favourable destination for clinical trials: Report