US GOP Senate Committee Allegedly Target Of Russian Hackers

Dutch researcher finds NRSC web store among 5,900 e-commerce sites infected with malware designed to steal payment card details.

Dark Reading Staff, Dark Reading

October 18, 2016

1 Min Read

Visitors to the National Republican Senatorial Committee (NRSC) web store between March and October may have had their credit card data stolen by Russian hackers exploiting weak passwords or security, reports KrebsonSecurity, quoting Dutch researcher Willem De Groot who discovered the hack.

The NRSC, claims De Groot, is among more than 5,900 e-commerce sites, including Converse and Audi, breached by the same criminals who sent the stolen data to a Russian-language net service provider in Belize.

The researcher says the malware found on the affected sites was found to come from Internet addresses assigned to Dataflow, a company operating in Belize and Seychelles and offering “bulletproof hosting.” He adds the malicious code was positioned in the websites’ database, which is how it remained undetected for long.

KrebsonSecurity says the criminals had used web-based keylogging programs designed to pilfer data from web server applications, thus stealing client details either post- or pre-encryption.

However, when told of the hack, many of the affected sites' owners dismissed its possibility believing in the foolproof security of the SSL technology they employed.

For full story, click here.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights