New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

Atlanta Hawks Suffer Data Breach

The Atlanta Hawks merchandise website was found to be infected with malware designed to skim customer’s credit card, name, and address. The breach was found by researchers on April 20th, 2019 by researchers. A Hawks spokesperson stated, “We take these threats seriously and are investigating,” and that the malware is no longer active on the site. This malware was designed to steal the data as the customer was entering the information. Once the information was submitted, then the data was encrypted by the site and was no longer vulnerable.  The Atlanta Hawks website averages about 7 million visits per year and according to researchers, it is unclear as to how many customers were affected. This type of malware is another example of a skimming scam that’s gained popularity over the last few years. Recently, companies such as NewEgg, Ticketmaster UK, and British Airways have been the victims of similar attacks. Several hacking groups are said to be responsible. The amount of attacks seems to be going down, but the scale of attacks is increasing. Hacking groups seem to be shifting from compromising small websites and attacking larger targets in an attempt to get a bigger payday.

Analyst Notes

It is advised to be ever vigilant when it comes to online transactions by keeping a watchful eye on the user’s credit card for suspicious activity. It is also advised to have a separate account that the user only deposits funds into when online purchases are necessary so attackers do not have access to the user’s primary source of funds.