Volusion is a privately-held technology company that provides
Hackers have compromised the infrastructure of Volusion and are distributing malicious software skimmers to steal payment card data provided by users. Experts report more than 6,500 stores have been hacked, but they believe that tens of thousands of e-commerce platforms may have been compromised.
The discovery was made by Check Point security researcher Marcel Afrahim that shared his findings in a blog post on Medium.
The experts initially noticed that the Sesame Street Live online store was compromised, it is built with Volusion’s All-in-One E-commerce Website Builder and the name servers are maintained by the Volusion’s Name servers.
While analyzing the checkout page the expert noticed that all the resources are
This suggests that hackers gained access to
The compromised script was located at at https://storage.googleapis.com/volusionapi/resources.js and is loaded on Volusion-based online stores via the /a/j/
“At its core, the additional code consists of two sections. The first section is reading the values entered
Who is behind the attack?
The attackers’ TTPs suggest the involvement of one of the Magecart groups, that in the past already used public cloud storage to host their malicious scripts.
A report recently published by RiskIQ, the experts estimated that the group has impacted millions of users.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.