Security Alert: P&G Online Beauty Store hacked

Introduction

Tech blog BleepingComputer recently reported that criminals hacked First Aid Beauty, a site owned by Procter & Gamble, planted an e-skimmer, and captured customer payment details. Hackers planted the malware on the site in May 2019. First Aid Beauty has approximately 100,000 visitors per month, 89% of them located in the U.S.

This malware is different

What makes this e-skimmer script so dangerous is its stealth and target selection abilities:

  • This e-skimmer remained undetected on the site for 5+ months, an unusually long time.
  • The code is concealed through a process called obfuscation and is also encrypted.
  • The malware only steals from U.S. victims. If the shopper is not in the U.S. or is using a Linux machine, the software remains dormant.
  • The program captures the credit card number, expiration date, card owner’s name, and CVV code.

Conclusion

If a trusted site is hacked, there is very little real-time defense a user can employ other than activating browser add-ons that block JavaScript code; however, those add-ons won’t help if the user whitelists the site.

Although it is after the fact, make a habit of checking credit card purchases frequently, and activate email fraud alerts on both credit cards and bank accounts.

Merchants must take proper steps to harden their sites against intruders by:

  • Updating and patching all systems.
  • Updating and running anti-virus software.
  • Using strong, unique passwords.
  • Segregating and segmenting network systems.
  • Using a Content Security Policy (CSP) that allows JavaScript to load only from trusted domains.
  • Using Subresource Integrity (SRI) to block modified JavaScript from loading onto their site.
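
The last two items work at different layers, which a small model of the browser's checks makes visible. The Node.js sketch below is an added example, not code from the original article or from the affected site; the origins, file names and script bodies are constructed, and the CSP matcher is simplified to `'self'` and exact origins.

```javascript
// Added example; every origin, path and script body here is constructed.
const crypto = require("node:crypto");

// SRI: value for <script integrity="..."> computed from the reviewed file.
function sriHash(content, algo = "sha384") {
  return `${algo}-${crypto.createHash(algo).update(content).digest("base64")}`;
}

// SRI: simplified model of the browser check. Only the strongest listed
// algorithm counts, and the script loads if any hash of that strength matches.
function sriAllows(content, integrity) {
  const rank = new Map([["sha256", 1], ["sha384", 2], ["sha512", 3]]);
  const algoOf = (token) => token.split("-")[0];
  const items = integrity.trim().split(/\s+/).filter((t) => rank.has(algoOf(t)));
  if (items.length === 0) return true; // no usable hash means no SRI check
  const best = Math.max(...items.map((t) => rank.get(algoOf(t))));
  return items.some((t) => rank.get(algoOf(t)) === best && sriHash(content, algoOf(t)) === t);
}

// CSP: header value limiting scripts to the page origin plus an allow-list.
function buildCsp(trustedOrigins) {
  return `script-src 'self' ${trustedOrigins.join(" ")}; object-src 'none'`;
}

// CSP: simplified source matching ('self' and exact origins only).
function cspAllowsScript(csp, pageOrigin, scriptUrl) {
  const dirs = csp.split(";").map((d) => d.trim().split(/\s+/));
  const list = dirs.find((d) => d[0] === "script-src") ||
    dirs.find((d) => d[0] === "default-src");
  if (!list) return true; // no directive governs scripts
  const origin = new URL(scriptUrl).origin;
  return list.slice(1).some((s) => (s === "'self'" ? origin === pageOrigin : s === origin));
}

const PAGE = "https://shop.example";
const CSP = buildCsp(["https://cdn.shop.example"]);
const reviewed = "function pay(form) { return form.submit(); }\n";
const tampered = reviewed + "/* constructed stand-in for an injected change */\n";

function demo() {
  const integrity = sriHash(reviewed); // pinned at deploy time
  return {
    reviewedLoads: sriAllows(reviewed, integrity),
    tamperedLoads: sriAllows(tampered, integrity),
    trustedOriginPassesCsp: cspAllowsScript(CSP, PAGE, "https://cdn.shop.example/pay.js"),
    unlistedOriginPassesCsp: cspAllowsScript(CSP, PAGE, "https://unlisted.example/x.js"),
  };
}
console.log(demo());
```

A changed file served from an allow-listed origin still passes the CSP check, and only the pinned SRI hash stops it, so the two controls complement each other. SRI in turn protects only while the page that carries the `integrity` attribute is itself unmodified.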
