Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 1 Vote(s) - 1 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News It took hackers just 22 lines of code to steal British Airways’ customer data
In The Name OF Allah
Al-Salam Alekum

[Image: lousy_hacker-796x430.jpg]

Quote:Last week, British Airways acknowledged that its website had been hacked – leading to 380,000 customers‘ data being compromised. It seems like it wasn’t too difficult either: Cybersecurity firm RiskIQ has found out that it took hackers just 22 lines of code to get a hold of the data. RiskIQ speculated that a group called Magecart is behind this attack; it was responsible for the TicketMaster UK hack earlier this year, which affected the data of 400,000 customers. Magecart has traditionally stolen data by injecting a malicious script into payment forms.

The hackers modified a Modernizr javascript version 2.6.2 ( a library used to detect certain user actions like clicks and taps) – on BA’s site to steal the data between August 21 and September 5. RiskIQ found that the script had been modified on August 21 just before the data breach began. The modified code – where just 22 lines were changed – sent the information to the hackers’ servers as soon as someone hit the ‘Submit’ button on the payments form. The script was able to capture BA customers’ names, addresses, phone numbers and details through its site and mobile app.

Wa Salam Alekum
* Thankful to Allah *

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution - CXSecu News 0 60 09-18-2020, 08:12 AM
Last Post: News
Star News Data Breaches Exposes Vets, COVID-19 Patients News 0 69 09-16-2020, 02:03 AM
Last Post: News
Star News ManageEngine Applications Manager Authenticated Remote Code Execution - CXSecurity.c News 0 100 09-06-2020, 01:51 PM
Last Post: News
Thumbs Up News Citrix Bugs Allow Unauthenticated Code Injection, Data Theft Mr.Kurd 1 332 07-15-2020, 12:28 AM
Last Post: EthelCrife
Exclamation News Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely Mr.Kurd 0 385 06-12-2020, 08:24 AM
Last Post: Mr.Kurd
Exclamation News $100,000 Bounty Apple Zero-day Bug in “Sign in with Apple” Let Hackers Take Takeover Mr.Kurd 0 345 06-01-2020, 07:42 AM
Last Post: Mr.Kurd
Heart News Zoom Offers Custom Data Routing To Paid Users Mr.Kurd 0 679 04-16-2020, 06:47 AM
Last Post: Mr.Kurd
Star News Zoom will soon let some users choose which countries their data is routed through Mr.Kurd 0 407 04-14-2020, 09:07 AM
Last Post: Mr.Kurd
Star News Hackers Are Bundling Cryptominer With a Seemingly Legit Zoom Installer on Unofficial Mr.Kurd 0 374 04-08-2020, 08:43 AM
Last Post: Mr.Kurd
Question News Windows Running MS-SQL Servers Under Attack!! Hackers Installing 10 Secret Backdoors Mr.Kurd 0 327 04-02-2020, 08:38 AM
Last Post: Mr.Kurd

Users browsing this thread: 1 Guest(s)