CERT-In issues warning about a credit card skimming campaign that is targeting e-commerce websites | Tech News
Home Tech Tech News CERT-In issues warning about a credit card skimming campaign that is targeting e-commerce websites

CERT-In issues warning about a credit card skimming campaign that is targeting e-commerce websites

These skimmer codes that are being injected to JavaScript libraries are designed to steal not just credit card information, but also passwords.

By: HT TECH
| Updated on: Aug 20 2022, 22:01 IST
Icon
CERT-In explained in an official post that hackers are targeting websites that are hosted on Microsoft’s IIS server that is running on the ASP.NET web application framework.
CERT-In explained in an official post that hackers are targeting websites that are hosted on Microsoft’s IIS server that is running on the ASP.NET web application framework. (Pixabay)
CERT-In explained in an official post that hackers are targeting websites that are hosted on Microsoft’s IIS server that is running on the ASP.NET web application framework.
CERT-In explained in an official post that hackers are targeting websites that are hosted on Microsoft’s IIS server that is running on the ASP.NET web application framework. (Pixabay)

The Indian Computer Emergency Response Team (CERT-In) has issued a public warning about a credit card skimming campaign that is targeting sports, health and e-commerce websites. CERT-In explained in an official post that hackers are targeting websites that are hosted on Microsoft's IIS server that is running on the ASP.NET web application framework.

The problem that these attackers are exploiting lies with version 4.0.30319 of ASP.NET which is no longer officially supported by Microsoft and contains a host of vulnerabilities which makes it easy for hackers to break in.

In the advisory, CERT-In has asked these websites using ASP.NET web framework and IIS server to update to the latest version and conduct audits of web application, server and database server. CERT-In has also asked these sites to check web server directories regularly to keep an eye out for malicious web shell files and make sure they are removed before they can be exploited.

CERT-In referred to a recent Malwarebytes Labs report that discovered a known vulnerability, CVE-2017-9248, for ASP.NET that has been exploited recently to steal credit card details. Researchers at Malwarebytes Labs found over a dozen sites that have been compromised with malicious code injected into legitimate JavaScript libraries.

ASP.NET is a web application framework widely used by websites running shopping cart applications. The compromised websites found by Malwarebytes Labs all had a shopping cart feature that was exploited.

These skimmer codes that are being injected to JavaScript libraries are designed to steal not just credit card information, but also passwords. Malwarebytes Labs pointed out that this skimming campaign started sometime in April this year when online transactions and payments were at high thanks to Covid-19 lockdowns.

While CERT-IN's warning was specific to websites that were using the outdated web server framework, another instance of attackers using malware to target mobile apps to steal card details has also been spotted this year.

A cybersecurity firm called ThreatFabric recently detected a new malware called BlackRock which has targeted over 337 Android apps and is still rampant.

BlackRock uses overlays and keylogger functionality over legitimate apps to steal credit card details and get access to the apps.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 18 Jul, 18:20 IST
Tags:
Trending: how to change whatsapp font style and font size in chat window use of whatsapp plus, gb whatsapp got your whatsapp account banned? here is how to fix it forget microsoft windows 11, download android apps meant for smartphones on your computer now via bluestacks google wallet to launch in india: what is it and how will it be different from google pay beware! your whatsapp account can be hacked easily; here’s how this cybcercrime works apple releases macos sonoma 14.5 public beta 2 update; check new features and know how to get it wow! facebook messenger to alert you if anyone takes screenshot of your chat like snapchat how to restore whatsapp chat history on android: check tips and tricks tinder launches every single vote counts campaign to empower first-time voters in india microsoft-openai deal escapes eu probe, but subject to scrutiny in other regions
NEXT ARTICLE BEGINS

Tips & Tricks

WhatsApp banned
WhatsApp banned my number. What’s the solution? Step-by-step guide to ‘unban’ your account
Consider Tonnage
Don't forget these 5 things while buying ACs online
Productivity
Otter AI: How to use this AI meeting assistant app to automatically take notes, transcripts, more
Pixel 8 Pro's Pro
Know how to master Pro Controls on the Google Pixel 8 Pro - check top 4 tips
ChatGPT Plus
How to edit images generated by DALL-E in ChatGPT: Step-by-step guide

Editor’s Pick

Digi Yatra
Digi Yatra users, delete the old app right now- Here’s how to download the new app and use it at airports
iPhone 15
iPhone 16 leaks summarised: Colours, A-series chip and what more to expect from Apple in 2024
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
HDFC Bank alerts about a few common ‘bad habits’ of smartphone users that make it easy for them to fall prey to hacking attempts and scams.
Online scams: 5 habits of smartphone users that make life easy for hackers, warns HDFC Bank
Moto Edge 50 Pro
Motorola Edge 50 Pro review: Should you buy this new AI smartphone under 35,000?

Trending Stories

Dbrand
MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
GTA_6
GTA 6 leaks: What we know so far about Grand Theft Auto 6
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
Google Vids
Google Vids- All details about this new AI video app and how to use it
iPhone 13
Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
keep up with tech

Gaming

Garena Free Fire Redeem Codes for April 19
Garena Free Fire Redeem Codes for April 19: OB44 update rolled out, know what’s new
GTA 6 trailer: Top 5 iconic cars spotted in the Grand Theft Auto 6’s Vice City
GTA 6: Top 5 iconic cars spotted in the trailer set to dominate vice city's streets
Garena Free Fire MAX redeem codes for April 18
Garena Free Fire MAX Redeem Codes for April 18: OB44 update brings exciting changes!
Garena Free Fire redeem codes for April 18
Garena Free Fire Redeem Codes for April 18: Tips and tricks to win every battle early
GTA 6: Take-Two Interactive trims workforce and scraps projects, will it delay the launch?
GTA 6: Take-Two Interactive trims workforce and scraps projects, will it delay the launch?

    Trending News

    MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
    Dbrand
    GTA 6 leaks: What we know so far about Grand Theft Auto 6
    GTA_6
    10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
    STScI-01HFQ5YXZ04PF608HQB0KRTF3S
    Google Vids- All details about this new AI video app and how to use it
    Google Vids
    Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
    iPhone 13

    Trending Gadgets

    Mobiles Laptops Tablets