Blender maker website, NutriBullet is hit by Magekart hackers several times in the last two months. Hackers have injected malicious credit-card skimming malware on the payment page and potentially exposed sensitive data including credit card details and personal details.
Magekart is a group of hackers famous for credit card skimming. In the past, the group has attacked big names including British Airways, the American cancer society, and Ticketmaster.
Researchers at RiskIQ unveils the security break. The data including Credit card numbers, card holder’s name, CVV, expiry date, etc were sent to a third-party server being operated by the hackers. Not only this that the data was stolen but also, it was sold to dark web market buyers.
NutriBullet removed the malicious code each time the attack happened but as per RiskIQ, hackers still have access to the company’s infrastructure and with that, hackers broke into the website last week too. RiskIQ head of threatening research Yonathan Klijnsma already warned against the use of the website. With the help of Shadowserver and AbuseCH, the domain used to pass card details takedown.
NutriBullet’s said that they have started the forensic investigations and outside cybersecurity specialists will work with them to prevent further attacks.
The number of cards sold on dark web is still unknown.