Hackers have been compromising online shops, redirecting people to copycat websites, and stealing both their data and their money there, experts have warned.
The scam, dubbed ‘Phish ‘n’ Ships’ by the Satori Threat Intelligence team from HUMAN which uncovered it, stole tens of millions of dollars until it was finally discovered and stopped.
Phish ‘n’ Ships most likely started in 2019. The crooks would break into legitimate online stores in different ways – leveraging n-day vulnerabilities, server misconfigurations, easy-to-guess passwords, or in other ways. Once they gain access, they would upload multiple scripts which would allow them to upload fake product listings.
Disrupting the campaign
The listings would come with SEO-friendly metadata, to make sure they are easy to find through search engines. The fake products, usually for hard-to-find items such as the Nintendo power glove oven mitt, would lead the victims away from the legitimate stores, and through a series of redirects, which end on a copycat website imitating the original, legitimate store.
There, the victims go through a checkout process, giving away not just sensitive information, but also money, to the attackers.
Satori says that “thousands” of legitimate websites were compromised this way, and “hundreds of thousands” of people victimized. The damages are being counted in tens of millions of dollars.
To make matters worse, the crooks were withdrawing the money with no problem, for years. However, Satori’s researchers managed to notify almost all of the victimized websites, and with the help of Google, removed all malicious listings from search engine results.
Finally, the payment…
Read full post on Tech Radar
Discover more from Technical Master - Gadgets Reviews, Guides and Gaming News
Subscribe to get the latest posts sent to your email.