MageCart Group which is a syndicate of malicious actors is reported to have launched a cyberattack on the website of the NutriBullet, in an attempt to siphon payment card details from the customers shopping on the website.
Ā
Going by the details, the malicious group which is in the discussion is being called Magecart Group 8 which reportedly inserted a malicious code on the website of the blender retailer on Feb 20th,2020. The objective of the attack was to target customers while they are inserting payment card details on the checkout page.
Ā
Cybersecurity Insiders has learned that the discovery of the cyber incident was made by Yonathan Klijnsma, a threat researcher from RiskIQ who alerted the authorities of NutriBullet on an immediate note.
Ā
NutriBullet has made it official that the malicious code was removed from the website by March 17th and now the situation is said to be under control.Ā
Ā
A detailed investigation was launched to determine how the threat actors managed to insert the code into the website. Also, the IT staff have updated their security policies and credentials with Multi-factor authentication to see that no such incident occurs in the future.
Ā
Note 1-Ā Hackers are seen targeting shopping carts from the past two years as they use skimmers that are designed to steal data entered into the payment web pages of various e-commerce websites.
Ā
Note 2-Ā Historically speaking, the list ofĀ Magecart victims include Ticketmasterās UK Operations in Janā18; British Airways in Augā18; NewEgg Electronics Retailer in Septā18; Shopper Approved in Septā18; Topps Sports Collectible website in Novā18; Atlanta Hawks in Aprilā18; Forbes Magazine subscribers in Mayā19; and on the chain of College Campus Bookstores in April ā19.
