Hackers inject code into 6,000 online shops to steal credit card details


A Dutch developer has discovered that 5,925 web shops have been compromised by cyber criminals, who have injected the sites with malicious code to steal customers’ credit card information.

Willem De Groot found hackers had been installing skimming scripts onto online stores, with the malware stealing data on as many as 21,000 credit cards, he estimates. Servers in Russia were receiving some of this stolen data, Mr De Groot claimed, and information was being sold for around £25 per card on the dark web.

Mr De Groot is head of security and co-founder of Byte, a Dutch e-commerce company, and in his blog post, he said: “Online skimming is a new form of card fraud. In November 2015, the first case was reported. Upon investigating, I scanned a sample of 255,000 online stores globally and found 3,501 stores to be skimmed.”

“New cases could be stopped right away if store owners would upgrade their software regularly. But this is costly and most merchants don’t bother.”

The number of stores breached now sits at 5,925 at the time of writing, with 85 more every day reportedly. Worryingly though, the code is also getting more and more sophisticated. There are more types of payment systems being targeted, and the code attempts to hide itself, with some using multi-layer obfuscation or being disguised as UPS code.

Talking to the BBC, Mr De Groot suggested that online shoppers “only enter their payment details on sites of known payment providers such as PayPal. They have hundreds of people working on security, the average store probably has none.”

Government sites and carmakers are among those believed to have been a victim of the hacking, although large firms are not thought to be affected.