Segway, the company most famous for its two-wheeled “hoverboard”, has confirmed it suffered a cyberattack that saw it leak credit card data to malicious actors.
The company’s online store was breached sometime around January 6, 2022 (possibly even earlier), by a group known as Magecart Group 12. As the name suggests, the group works to steal credit card information by integrating the Magecart script onto vulnerable online stores. The script intercepts transaction data during the checkout in an online store, which is a process also known as form jacking, digital skimming, or e-skimming.
Cybersecurity researchers from Malwarebytes, which first spotted the breach, said it’s likely that the malicious actors exploited a vulnerability in the Magento CMS that the store uses. Once the CMS was breached, they embedded the skimmer in the last place anyone would look - the favicon files, images that are used to display small icons, such as website logos, in the web page browser (opens in new tab) tab.
Hiding malware in icons
What makes it difficult for security pros to spot this script is the fact that it won’t be seen unless the page is analyzed with a hex editor. BleepingComputer claims that this technique has been “well-documented”, and that it’s been used by “skillful” Magecart groups, for years now.
> Magecart hackers target popular poker software (opens in new tab)
> NutriBullet website hit by Magecart hackers (opens in new tab)
> Tis the season to prevent payments fraud (opens in new tab)
Claire's, Tupperware, Smith & Wesson, Macy's, and British Airways, have all been compromised in the same fashion, the company says.
As for Segway, most of its users come from the US (55%) and Australia (39%). We don’t know how many customers might be affected by this incident. Segway is yet to make an announcement, as the company’s newsroom page, blog, and Twitter account, have no mention of the breach.
- Here's our list of the best identity theft protection (opens in new tab) companies right now
Via: BleepingComputer (opens in new tab)