- Feb 4, 2016
- 2,520
Hackers have compromised the website of the world-famous Tupperware brand and are stealing customers' payment card details at checkout. The risk existed for a while as researcher’s attempts to alert the company remained unanswered.
Some localized versions of the official Tupperware website were also running malicious code that skims credit card data.
The attack was carefully orchestrated to keep the skimmer active for as long as possible - a clear indication that this is not the work of run-of-the-mill MageCart attackers.
Clever tactic
The hackers used an ingenious method to steal credit card data from Tupperware customers at checkout: they integrated a malicious iframe that displays a fake payment form fields to shoppers.
Discovered by researchers at Malwarebytes, the iframe loaded the content from “deskofhelp[.]com,” a domain that was created on March 9 and it is hosted on a server with multiple phishing domains.
... ...