A group of hackers has compromised the security of 4,600 active websites in the network to collect and extract personal and banking data from users. The breach occurred through the Picreel systems, used for behavioral and interaction analysis, and Alpaca Forms, an open source platform for forms creation.
The discovery was made by Willem de Groot, founder Sanguine Security, a company specializing in information security. According to him, the criminals were able to insert malicious code into solutions of the two companies so that the information entered by the users in form fields were collected and sent to a server in Panama. The data includes emails, passwords and other access credentials, as well as personal and financial information that may be present in user registries.
According to information from Groot, the failure of Picreel reaches 1,249 sites , while the gap in Alpaca Forms is present in 3,435 domains . Complete lists of those reached were provided by Sanguine Security and include important sites such as the Spanish postal service, the Meritus international chain website and even Forbes magazine, as well as Brazilian sites that provide voice over IP subscriptions.
To make matters worse, the Alpaca Forms compromise seems to have happened within Cloud CMS systems, which is the creator of the open source solution and provides a cloud in which technology can run. In an official statement, the company said its cloud computing network was not compromised, but rather a single JavaScript file in its CDN structure.
To solve the problem, Cloud CMS removed the content delivery system and completely mitigated the problem for those who use Alpaca Forms from their official infrastructure. The company vehemently denied any compromise in its internal systems and reassured its users, stating that there was no compromise of customer data as a result of the breach.
On the other hand, users who use the solution in their own hosting services, as well as those who have Picreel's technology in operation in the domains they manage need to update their systems and take advanced actions towards a problem that can still affect them, the The commitment of JavaScript codes remains active and, with the publication of the press fault, more scams can happen.
For ordinary users, it is worth checking the lists provided by Sanguine Security for services that have been used recently. If one is present, the ideal is to exchange passwords of access in all the platforms that share the same credentials; if banking information is involved, pay attention to credit card bills and statements, and keep an eye on any scam attempts that may come via email, instant messengers, or other means.
Hackers steal personal and financial data from 4,600 websites
May 14, 2019
Cloud
,
CMS
,
Hacker
,
NEWS
0 Comments:
Post a Comment
Your comment and facebook share will be appreciated