
Breached Volusion card surfaces on the dark web


The card details stolen from Volusion-hosted online stores last year have surfaced on the dark web. The discovery was made by researchers at threat intel firm Gemini Advisory.

Volusion is a privately held technology company that provides e-commerce software, marketing, and web design services for small and medium-sized businesses. The company, which was established in 199, has more than 250 employees and has served around 180,000 customers.

In October 2019, hackers compromised Volusion's infrastructure and distributed malicious software skimmers to steal financial data provided by users. At the time, it was reported that more than 6,500 stores had been hacked and thousands of e-commerce platforms had been compromised.

According to the report published by Gemini Advisory, analysts have found 239,000 compromised Card Not Present (CNP) records put up for sale on the dark web since November 2019. This has impacted hundreds of different merchants whose websites link to the 6,589 online stores compromised by the Volusion breach.

It is estimated that the hackers have managed to generate $1.6 million in revenue from these stolen payment cards, and the breach has exposed up to 20 million records.

The discovery was made by Check Point security researcher Marcel Afrahim, who shared his findings in a blog post.

On examining the checkout page, it was found that all resources were loaded from sesamestreetlivestore.com or volusion.com-affiliated websites, except for an odd JavaScript file loaded from storage.googleapis.com with the bucket name volusionapi.

This indicates that the attackers gained access to Volusion's Google Cloud infrastructure and injected malicious code that siphons payment card details into a JavaScript file.
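The check that exposed the skimmer, comparing every script origin on the checkout page against the hosts expected to serve it, can be automated. The following is an added example, not code from the researcher's blog post or from Volusion; the sample HTML, file paths and function names are constructed, and only the host and bucket names come from the article.

```javascript
// Added example: audit the <script src> origins of a checkout page.
// SAMPLE_HTML is constructed input; its paths and file names are placeholders.
const SHARED_STORAGE_HOST = "storage.googleapis.com";

// True if host equals an allowed domain or is a subdomain of it.
function hostAllowed(host, allowedDomains) {
  return allowedDomains.some((d) => host === d || host.endsWith("." + d));
}

// Bucket name for path-style or virtual-hosted-style Cloud Storage URLs, else null.
function bucketOf(url) {
  if (url.hostname === SHARED_STORAGE_HOST) {
    return url.pathname.split("/").filter(Boolean)[0] || null;
  }
  if (url.hostname.endsWith("." + SHARED_STORAGE_HOST)) {
    return url.hostname.slice(0, -(SHARED_STORAGE_HOST.length + 1));
  }
  return null;
}

// Return every external script whose origin has not been reviewed.
function auditScriptSources(html, pageUrl, allowedDomains, allowedBuckets = []) {
  const findings = [];
  const re = /<script\b[^>]*?\bsrc\s*=\s*["']([^"']+)["']/gi;
  for (const m of html.matchAll(re)) {
    let url;
    try { url = new URL(m[1], pageUrl); } catch { continue; } // skip unparseable src
    const bucket = bucketOf(url);
    if (bucket !== null) {
      // Shared hosting: anyone can create a bucket, so only the bucket name
      // (not the hostname) says who controls the file.
      if (!allowedBuckets.includes(bucket)) {
        findings.push({ src: url.href, host: url.hostname, bucket, reason: "unreviewed storage bucket" });
      }
    } else if (!hostAllowed(url.hostname, allowedDomains)) {
      findings.push({ src: url.href, host: url.hostname, bucket: null, reason: "host not on allowlist" });
    }
  }
  return findings;
}

const SAMPLE_HTML = `
<script src="/placeholder/checkout.js"></script>
<script src="https://www.volusion.com/placeholder/vendor.js"></script>
<script src="//storage.googleapis.com/volusionapi/placeholder.js"></script>`;

const FINDINGS = auditScriptSources(SAMPLE_HTML,
  "https://www.sesamestreetlivestore.com/checkout",
  ["sesamestreetlivestore.com", "volusion.com"]);
console.log(FINDINGS);
```

A plausible-looking bucket name is not evidence of ownership, which is why the audit reports any bucket that has not been explicitly reviewed.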

According to Gemini Advisory, 98,97% of the 239,000 records already sold on the dark web were related to cards issued in the US.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News
