US GOP Senate Committee Allegedly Target Of Russian Hackers
Dutch researcher finds NRSC web store among 5,900 e-commerce sites infected with malware designed to steal payment card details.
Visitors to the National Republican Senatorial Committee (NRSC) web store between March and October may have had their credit card data stolen by Russian hackers exploiting weak passwords or security, reports KrebsonSecurity, quoting Dutch researcher Willem De Groot who discovered the hack.
The NRSC, claims De Groot, is among more than 5,900 e-commerce sites, including Converse and Audi, breached by the same criminals who sent the stolen data to a Russian-language net service provider in Belize.
The researcher says the malware found on the affected sites was found to come from Internet addresses assigned to Dataflow, a company operating in Belize and Seychelles and offering “bulletproof hosting.” He adds the malicious code was positioned in the websites’ database, which is how it remained undetected for long.
KrebsonSecurity says the criminals had used web-based keylogging programs designed to pilfer data from web server applications, thus stealing client details either post- or pre-encryption.
However, when told of the hack, many of the affected sites' owners dismissed its possibility believing in the foolproof security of the SSL technology they employed.
For full story, click here.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024