Hacker group compromises Boom! Mobile

Credit card skimming group Fullz House has compromised the website of US mobile virtual network operator (MVNO) Boom! Mobile in a MageCart attack. The hacker group injected the website with a credit card stealer script.

Boom! Mobile provides users with postpaid and prepaid no-contract wireless service plans that work on the nation’s largest cellular networks including AT&T, Verizon, and T-Mobile.

A MageCart attack, also known as web skimming or e-skimming, involves attackers injecting malicious JavaScript into one or more sections of a compromised website.

The hackers use these scripts to steal payment or personal info submitted by the sites’ customers in an e-commerce form.

According to Malwarebytes’ Threat Intelligence team, the attackers injected a single line of code that loads an external JavaScript library from paypal-debit[.]com/cdn/ga.js, disguised as a Google Analytics script.

The card skimmer collects payment card information from input fields whenever it detects any changes, immediately exfiltrating the harvested data as a Base64 encoded GET request.
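For defenders, the exfiltration pattern described above can be hunted in proxy or egress logs: decode each query value as Base64 and look for Luhn-valid card numbers. This is an added example, not code from Malwarebytes or the original article; the hosts, parameter names and logged URLs are constructed, and the detector assumes the log is available as a list of full request URLs.

```javascript
// Added example: flag GET requests whose query values Base64-decode to card-like data.
// Hosts, parameter names and logged URLs below are constructed for illustration.

// Luhn checksum: true for digit strings that pass the payment card check-digit test.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Decode a query value as Base64; return '' unless it decodes to printable text.
function decodeBase64Text(value) {
  const v = value.replace(/ /g, '+');            // URLSearchParams turns '+' into ' '
  if (v.length < 16 || !/^[A-Za-z0-9+\/_-]+={0,2}$/.test(v)) return '';
  const text = Buffer.from(v, 'base64').toString('utf8');
  return /^[\x20-\x7e\r\n\t]+$/.test(text) ? text : '';
}

// Return { host, param, pan } for each URL carrying a Luhn-valid 13-19 digit number.
function findCardLikeExfil(urls) {
  const hits = [];
  for (const raw of urls) {
    let url;
    try { url = new URL(raw); } catch { continue; }   // skip malformed log entries
    for (const [param, value] of url.searchParams) {
      const text = decodeBase64Text(value);
      for (const m of text.matchAll(/\d(?:[ -]?\d){12,18}/g)) {
        const pan = m[0].replace(/[ -]/g, '');
        // Report a masked number so the detector does not re-log card data.
        if (luhnValid(pan)) hits.push({ host: url.hostname, param, pan: pan.slice(0, 6) + '...' + pan.slice(-4) });
      }
    }
  }
  return hits;
}

// Constructed sample: one skimmer-style beacon, one benign analytics hit, one non-card ID.
const b64 = (s) => Buffer.from(s, 'utf8').toString('base64');
const sampleUrls = [
  'https://skimmer.example/cdn/ga.js?d=' + encodeURIComponent(b64('cc=4111 1111 1111 1111&exp=12/29&cvv=123')),
  'https://analytics.example/collect?v=1&tid=UA-000000-1&dl=' + encodeURIComponent('https://shop.example/cart'),
  'https://api.example/track?order=' + encodeURIComponent(b64('order_id=1234567890123456')),
];
console.log(findCardLikeExfil(sampleUrls));
```

Only the first URL is reported; the 16-digit order ID in the third decodes cleanly but fails the Luhn check, which keeps ordinary numeric identifiers from raising alerts.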

It is not known exactly how the Fullz House Magecart group infiltrated Boom’s website. Malwarebytes found that the company site runs PHP version 5.6.40, which has been unsupported since January 2019.

Malwarebytes reported this incident to Boom! Mobile, but the company has not responded.

Fullz House is known for using a hybrid skimming/phishing technique. The group is involved in both skimming and phishing for banking and card information, targeting payment provider customers as well as checkouts on e-commerce platforms.

They also developed web skimmers of their own, which are camouflaged as a Google Analytics script and loaded via a script tag within the compromised online shops. Their skimmer scripts work like a keylogger that continually checks input fields for changes.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News
