Cyber Attacks

Magecart hackers hit NutriBullet website

0

NutriBullet LLC was targeted in numerous Magecart attacks during the past few months in which customer data was stolen at the point of sale.

The hacker group known as Magecart Group 8 managed to inject malicious credit card-skimming malware on the website of NutriBullet, the maker of a popular high-priced blender.

The criminals stole personal details of users like card numbers, names, billing addresses, expiry dates and card verification numbers.

The attacks which began on February 20, might be still continuing, even though the company says it removed the malicious code from the website.

Security firm RiskIQ stated that the hackers attached a card skimming tool to a javascript code library on NutriBullet’s website.

The data obtained was shared to a hacker-operated server which could be then sold on the dark web. The researchers from the firm tried to contact the NutriBullet for over three weeks, but did not get a response.

According to the Head of research of RiskIQ, Yonathan Klijnsma, the users must not use or shop on NutriBullet’s website till the company fixes the vulnerabilities and acknowledges their outreach.

NutriBullet’s chief information officer Peter Huh admitted about some intrusion in the website and that they will be working with the cyber-forensic research team to investigate.

The hacking group is said to have hacked more than 200 websites using the same method.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Adobe releases out-of-band software updates

    Previous article

    Food Delivery Website in Germany suffers DDoS Attack

    Next article

    You may also like

    Comments

    Leave a reply

    Your email address will not be published. Required fields are marked *