Hackers Collecting the Banking Credentials from 4,600 Websites

A group of hackers have breached the security of the leading online security analytics companies and have gained access to almost 4,600 websites managed by the companies. By altering the javascript code and distributing it to 4,600 sites maintained by the security analytics companies, the hackers are now collecting the banking credentials from the websites. The independent security researchers found the issue with all of the sites and reported to the authorities at the concerned analytics agencies. According to the researchers, the attack is ongoing, and the malicious scripts are actively collecting the data from the visitors of the infected websites.

Sanguine Security founder Willem de Groot found the malicious script and shared on social media about the ongoing attack. Multiple security researchers have confirmed the attacks with the help of malicious javascript. Amongst the affected services, Picreel is one of the major services providers. Picreel provides the website analytics and behavior details of the visitors. With the javascript installed on the website, the service users can check the website heatmap and understand how the visitors are behaving on the website. The hackers have hacked the site and altered the javascript code meant for verification of the websites, which spread quickly with the users trying to verify the website and generate the heatmap from Picreel.

Another affected service is Alpaca Forms, which is the open-source project for helping websites to create web forms. It was created eight years ago by Cloud CMS, and the company still provides CDN services to the project. According to the CTO of Cloud CMS, the hackers have access to the content on CDN and nothing else. Currently, it is not clear how the hackers breached the systems and installed the malicious codes on the websites. Both of the service providers are working on rectifying the problem.

Related posts

Leave a Comment