Skimming code that extracts credit card information was installed on 17,000 domains via Amazon S3


By kenishirotie

It has been found that the cybercrime group Magecart embedded malicious code in files stored on the cloud storage service Amazon Simple Storage Service (Amazon S3) for the purpose of web skimming. According to RiskIQ, the security company that reported this, the malicious code was embedded in more than 17,000 domains, including some of the top 2,000 sites in the Alexa rankings.

Magecart Breaches Websites Via Misconfigured Amazon S3 Buckets
https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/



Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets

https://thehackernews.com/2019/07/magecart-amazon-s3-hacking.html

In Amazon S3, when you create a 'bucket', which functions like a folder in cloud storage, you can grant 'Everyone' access to the bucket, including write permission. Magecart therefore attacked a large number of buckets indiscriminately and added skimming code to JavaScript files in buckets with open write permissions. The added malicious code steals credit card information and similar data, and it appears to have been obfuscated so that it cannot be understood at first glance.



Since the JavaScript files in which the skimming code was embedded in this attack did not necessarily handle credit card information, it appears that credit card information was actually extracted in only a few cases. However, RiskIQ rates this kind of indiscriminate unauthorized access as 'a method with a large return for the effort' and points to 'low security awareness when configuring buckets' as the background to the damage.

According to Amazon, newly created Amazon S3 buckets are 'private' and 'protected' by default. RiskIQ recommends reviewing access controls for Amazon S3 buckets, such as whitelisting, which users have write permissions, and access restrictions.
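A review of this kind can start by checking each bucket for write access granted to 'Everyone', through either the bucket ACL or the bucket policy. The following Python check is an added example, not code from RiskIQ, Amazon or the original article; the function names, the sample ACL and policy, and the bucket name `example-bucket` are constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# Predefined S3 ACL grantee groups: "Everyone" and "any authenticated AWS user".
ACL_GROUP = "http://acs.amazonaws.com/groups/global/"
PUBLIC_GROUPS = {ACL_GROUP + "AllUsers": "Everyone",
                 ACL_GROUP + "AuthenticatedUsers": "Any AWS account"}
WRITE_PERMS = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}
# Policy actions that allow changing hosted files or the bucket's access settings.
WRITE_ACTIONS = ("s3:PutObject", "s3:PutObjectAcl", "s3:DeleteObject",
                 "s3:PutBucketAcl", "s3:PutBucketPolicy")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_public(principal):
    if isinstance(principal, dict):
        principal = principal.get("AWS", [])
    return "*" in _as_list(principal)

def public_write_findings(acl, policy_json=None):
    """Coarse check for public write access; Resource is ignored, Condition only flagged."""
    findings = []
    for grant in acl.get("Grants", []):
        who = PUBLIC_GROUPS.get(grant.get("Grantee", {}).get("URI"))
        if who and grant.get("Permission") in WRITE_PERMS:
            findings.append(f"ACL: {who} has {grant['Permission']}")
    for stmt in _as_list(json.loads(policy_json or "{}").get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _is_public(stmt.get("Principal")):
            continue
        hits = sorted({a for pat in _as_list(stmt.get("Action", []))
                       for a in WRITE_ACTIONS if fnmatchcase(a.lower(), pat.lower())})
        if hits:
            note = " (has Condition, review)" if stmt.get("Condition") else ""
            findings.append(f"Policy {stmt.get('Sid', '<no Sid>')}: public {', '.join(hits)}{note}")
    return findings

# Constructed sample data, shaped like get-bucket-acl / get-bucket-policy output.
SAMPLE_ACL = {"Grants": [
    {"Grantee": {"Type": "Group", "URI": ACL_GROUP + "AllUsers"}, "Permission": "WRITE"},
]}
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "OpenUpload", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:Put*"], "Resource": "arn:aws:s3:::example-bucket/*"},
]})

if __name__ == "__main__":
    print("\n".join(public_write_findings(SAMPLE_ACL, SAMPLE_POLICY)))
```

For a real bucket, the inputs would come from `aws s3api get-bucket-acl` and the `Policy` string returned by `aws s3api get-bucket-policy`. A public read grant such as the `PublicRead` statement is not reported, because only write access lets an outsider alter hosted JavaScript.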

RiskIQ states that 'This article has been published to raise awareness of Amazon S3 security policies and common web skimming attacks.'

in Web Service,   Security, Posted by darkhorse_log