This is an article that appeared in, of all places, Filehippo.com, a popular software download site (not an illegal one). Why hasn’t this shown up in the WSJ? The NY Times? The Washington Post? Chicago Tribune, LA Times, San Francisco Chronicle?
Almost six thousand online shops and stores have had skimming scripts installed on their networks as part of a large and continuously active campaign that may have ripped hundreds of thousands of credit card details over the last few months.
Worryingly, the hackers in question are said to be adding up to 85 new stores on a daily basis.
Dutch developer, Security chief, and founder of the Dutch e-commerce site, Byte.NL, Willem De Groot said he found 5,925 individual compromised sites by scanning for the specific signature exhibited by the malicious code that had been covertly injected into website payment software.
According to Groot, a substantial proportion of the stolen data has ended up on servers based in Russia.
Perhaps the highest profile victim of the attacks so far is the US National Republican Senatorial Committee whose customers’ credit card information was stolen from donors to the Committee.
(for fans of the Guardians of the Galaxy film–I’m one of them–and comic book universe, they’ll be grinning at the Dutch developer’s surname: Groot)
Alert: One target is the RNC Senatorial Committee.
The only place I’ve found that this story has appeared is The Register, a UK news site.