Researchers discovered an online skimmer on Segway's online store which allowed malicious actors to acquire credit cards and personal information from customers during checkout.
The store has been hacked by Magecart skimmer, is majorly known for Dean Kamen's invention of the two-wheeled, self-balancing personal transporter, additionally, it also makes additional human mobility technologies.
"While the company doesn't know how Segway's site was hacked, an attacker will normally target vulnerabilities in the CMS system or one of its plugins." "The hostname at store.segway[.]com runs Magento, a major content management system (CMS) utilized by numerous eCommerce sites and a favorite of Magecart threat actors."
The attack was traced to Magecart Group 12 by Malwarebytes researchers who discovered a web skimmer on Segway's online store (store.segway.com).
The Segway store was connecting a known skimmer website (booctstrap[.]com), which has been operational since November and has been linked to prior Magecart attacks.
The Magento CMS was utilized to breach the store, and threat actors exploited loopholes in vulnerable versions of the CMS or one of its plugins. The firm also discovered a piece of JavaScript hidden in a file called "Copyright," which isn't harmful in and of itself but periodically loads the skimmer. Anyone analyzing the HTML source code will not see the skimmer because of this method.
The idea that the malicious actors are inserting the skimmer within a favicon.ico file is also noteworthy; Small icon visuals that connect to other sites are known as favicons. This new approach is becoming increasingly widespread, according to Uriel Maimon, senior director of technological innovations at cybersecurity firm PerimeterX.
"Magecart attackers are getting increasingly inventive with the attempts to avoid detection, especially given the developments in access control over time." Manual code review, static program analysis, and scanners could not have easily spotted the skimmer script hidden behind a favicon claiming to display the site's copyright."
To prevent these types of attacks, buyers should pay with computerized systems, one-time cards, tokens with stringent charging restrictions, or simply pick cash on delivery if available. Using an internet security application that identifies and prevents malicious JavaScript from running on checkout pages may also save you the headache of obtaining your credit card information stolen.
