Security Alert: P&G Online Beauty Store hacked
Tech blog, BleepingComputer recently reported that criminals hacked a Proctor & Gamble owned site called First Aid Beauty, planted an e-skimmer, and captured customer payment details. Hackers planted the malware on the site in May 2019. First Aid Beauty has approximately 100,000 visitors per month; 89 % of them located in the U.S.
This malware is different
What makes this e-skimmer script so dangerous is its stealth and target selection abilities:
- This e-skimmer remained undetected on the site for 5+ months, an unusually long time.
- The code is concealed through a process called Obfuscation and is encrypted.
- The malware only steals from U.S. victims. If the shopper is not in the U.S. or is using a Linux machine, the software remains dormant.
- The program captures the credit card number, expiration date, card owner’s name, and CVV code.
Although after-the-fact, make it a habit of checking credit card purchases frequently and activate email fraud alerts on both credit cards and bank accounts.
Merchants must take proper steps to harden their sites against intruders by:
- Updating and patching all systems.
- Updating and running anti-virus software.
- Using strong, unique passwords.
- Segregating and segmenting network systems.
XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 460+ Petabytes of data with over 1400+ employees and 9 offices around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause. Backup & Disaster Recovery | Business Continuity | Data Risk Assessment