TIP: Click on subject to list as thread! ANSI
echo: politics
to: All
from: Mike Powell
date: 2024-12-26 19:47:00
subject: European Space Agency hac
European Space Agency hack sees official store hijacked to steal customer
details

Date:
Thu, 26 Dec 2024 15:56:01 +0000

Description:
Web shop compromised with a skimmer, putting countless people at risk.

FULL STORY

The website of the European Space Agency (ESA) was recently compromised with 
a credit card skimmer, putting countless people at risk of wire fraud. 

Researchers from Sansec spotted a malicious script on ESAs web shop, and
determined it creates a fake Stripe payment page at checkout, where it
collects customer information. 

Payment data, including sensitive credit card information, was also being
gathered, making this attack particularly dangerous. Out of ESA's hands? 

The sensitive data was harvested and sent to a domain with the same name as
ESAs legitimate one, BleepingComputer reports. The top-level domain, however,
was different as instead of the usual .com TLD, the domain here was .pics. 

As soon as Sansec spotted the attack, it notified ESA, which temporarily shut
the shop down. 

At press time, it was still offline, showing Error 503: Service Unavailable.
Our site is temporarily out of orbit for some exciting renovations, the shop
says. Please fly by later. 

Responding to BleepingComputer s request for comment, ESA said the store is
not hosted on its infrastructure, and as such, it is not the one managing the
data. 

This could be confirmed with a simple whois lookup, which show complete
details for ESAs domain (esa.int) and its web store, where contact data is
redacted for privacy, BleepingComputer concluded. 

So far, no threat actors have assumed responsibility for this attack, and 
with this type of incident, they rarely do. However, Magecart is a globally
known, infamous threat actor, that was observed installing credit card
skimmers on major websites in the past. 

The last time we heard of Magecart was in March 2023, when Malwarebytes
speculated the group might be behind the attack on multiple online ecommerce
stores. 

When crooks use peoples credit cards, the victims can get a refund from their
bank. However, cybercriminals can use the money to fund advertising campaigns
that distribute more malware, and by the time the cards are locked and funds
returned, the damage was already done.

======================================================================
Link to news story:
https://www.techradar.com/pro/security/european-space-agency-hack-sees-officia
l-store-hijacked-to-steal-customer-details

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SOURCE: echomail via QWK@pharcyde.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.