PokerTracker.com Hacked to Inject Payment Card Stealing Script

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,147
Content source
https://www.bleepingcomputer.com/news/security/pokertrackercom-hacked-to-inject-payment-card-stealing-script/
A curious case of web-based card skimming activity revealed that the Poker Tracker website had been compromised and loaded a Magecart script - code that steals payment information from customers.

Online poker enthusiasts use the Poker Tracker software suite to improve their winning chances by making decisions based on statistics compiled from the opponents' gameplay.

A report on August 8 indicated that Malwarebytes anti-malware blocked Poker Tracker from connecting to a domain known to host credit card skimmers - scripts that copy payment card details on checkout pages and delivers them to the attacker.
Click to expand...
Read more below:
www.bleepingcomputer.com

PokerTracker.com Hacked to Inject Payment Card Stealing Script

A curious case of web-based card skimming activity revealed that the Poker Tracker website had been compromised and loaded JavaScript that stole payment information from customers.
www.bleepingcomputer.com www.bleepingcomputer.com
blog.malwarebytes.com

Magecart criminals caught stealing with their poker face on | Malwarebytes Labs

This post details the curious case of a Magecart web skimmer encountered in a poker application, and what this means for Magecart's future.
blog.malwarebytes.com blog.malwarebytes.com
 
  • Like
  • +Reputation
Reactions: Andrew3000, stefanos, harlan4096 and 2 others
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
The compromise was possible because PokerTracker.com was running Drupal 6.3.x, an outdated version that has security vulnerabilities.
Click to expand...
www.bleepingcomputer.com

PokerTracker.com Hacked to Inject Payment Card Stealing Script

A curious case of web-based card skimming activity revealed that the Poker Tracker website had been compromised and loaded JavaScript that stole payment information from customers.
www.bleepingcomputer.com www.bleepingcomputer.com
Free CMS platforms, Wordpress etc is something one should always be careful around. Especially when it comes to commerce.
 
  • Like
  • Applause
Reactions: harlan4096, stefanos, Gandalf_The_Grey and 1 other person
silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,147
crezz said:
Would the "NoScript" browser extension block this malware ?
Click to expand...
NoScript probably blocks all scripts by default, after that the most websites doesn't working correctly, then you need to allow a few scripts at least, so NoScript cannot help out in case of the malicious-script would be allowed manually by user...
 
  • Like
Reactions: harlan4096, upnorth, stefanos and 1 other person
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Hackers modify online stores’ 404 pages to steal credit cards
Replies
0
Views
979
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Security News Europol warns 443 online shops infected with credit card stealers
Replies
4
Views
1,111
Security News
oldschool
oldschool
Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Canada's largest alcohol retailer's site hacked to steal credit cards
Replies
1
Views
495
News Archive
Andrezj
Andrezj

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top