Hackers Steal Credit Cards from Online Retailer’s Own Checkout

Hackers Steal Credit Cards from Online Retailer’s Own Checkout

Attackers injected 15 lines of Javascript code into Newegg.com’s web store, forwarding payment information to their own server.

Popular online tech retailer Newegg scrambled to shut down an attack on their web store this week, after learning hackers had been poaching customer payment data from their own website since August.

Incident response firm Volexity discovered the card skimming malware and reported it to Newegg, who removed the offending code on Tuesday. The attackers, known as “Magecart,” had injected Javascript code into the payment form page. The code watched for a click on the payment button, then submitted the entire form to a remote server, the action disguised as a credit card authentication step in the payment process.

The code worked for both PC and mobile customers, but it is unknown if mobile customers were affected by the breach. In an email to customers, Newegg’s chief executive said the company had not yet determined which customers were at risk.

This comes on the heels of two other attacks, both carried out by Magecart in a very similar fashion. In June, ticket distribution giant Ticketmaster UK faced a hack taking advantage of a customer support chat bot, and then in early September, British Airways reported that customers who made bookings in late August through 5 September had their information compromised.

The code used to skim credit cards was almost identical in all three instances, as reported by a threat researcher at RiskIQ, a cybersecurity firm.

Newegg reassured customers that the breach had been fully shut, and their website was operational once again.

About the Author

Jordan Lutke is an intern with 1105 Media.

  • How COVID-19 Has Revolutionized Aviation Security Let's Talk Sports Security

    In this episode of SecurPod, Ralph C. Jensen and Fred Burton discuss security tactics at sporting events, from dealing with unruly fans to coordination between the home and visitors' teams to identifying potential stalkers. We also talk about the logistics of re-opening mass-attendance venues in the wake of the COVID-19 pandemic.

Digital Edition

  • Security Today Magazine - July August 2021

    July August 2021


    • Tee Up the Security
    • Listen Clearly
    • Turning to the Cloud
    • COVID-19 The Final Push
    • Redefining Security

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety