Submitted via IRC for ErnestTBass
The Atlanta Hawks need to play better defense online after a security researcher discovered malware at the basketball team's online store.
The merchandise website for the Hawks, the 12th-ranked team in the NBA's Eastern conference, was infected with malware designed to steal credit card information, according to Willem de Groot, lead forensic analyst at Sanguine Security.
De Groot said he first spotted the malware April 20 and noted it was stealing the names, addresses and credit card numbers of Hawks fans. He said he notified the team on Tuesday.
"We take these threats seriously and are investigating," a Hawks spokesperson said. The malware is no longer active on the site, the representative said.
The malware represents the latest example of a credit-card skimming scam that's gained steam over the last few years. During the last several months, NewEgg, British Airways and Ticketmaster UK were among the victims of the same type of attack, perpetrated by Magecart, the world's largest credit card-skimming operation, made up of different hacking groups.
De Groot said Magecart, which targets popular online stores with security vulnerabilities, also hit Hawks Shop, a site for Atlanta Hawks fans to buy hats, jerseys and other team gear.
"The frequency of hacked stores has gone down somewhat. However, the volume of stolen transactions apparently has gone up," de Groot said. "They seem to have shifted from hacking many small stores (automated breaches) to manual breaches of larger, more profitable targets."
Source: https://www.cnet.com/news/hackers-hit-atlanta-hawks-with-malware-stealing-credit-card-information/
(Score: 0) by Anonymous Coward on Monday April 29 2019, @10:46AM (3 children)
Large e-commerce platforms like Magento are targets because they have a lot of 3rd party extensions that are often hacked together by programmers who don't know how, or don't want to make the effort, to make their software secure and test it adequately.
Other platforms and frameworks go out of their way to make things easy to extend. This results in the same issues that Magento has with regards to poor quality extensions.
These platforms and frameworks may have their own vulnerabilities outside of any extensions, which is another reason they get a lot of attention from people with malicious intent.
I guess just about anyone can be a programmer these days but not everyone can be a good programmer.
(Score: 2) by c0lo on Monday April 29 2019, @10:55AM (2 children)
Time to blame Facebook for this.
If only those social media platforms could play nicer with the news outlets, journos wouldn't be fired in so large numbers and they wouldn't need to learn to code.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: -1, Flamebait) by Anonymous Coward on Monday April 29 2019, @11:07AM (1 child)
What the fuck are you prattling on about? If you think fired journalists learning to code is the reason platform and framework extensions are poorly coded then you should turn off your computer and leave the internet be before you dumb it down even more.
(Score: 3, Touché) by c0lo on Monday April 29 2019, @11:17AM
whoosh - https://knowyourmeme.com/memes/learn-to-code [knowyourmeme.com]
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford