Magecart infects ABS-CBN Store with payment skimmer

Willem de Groot, a Dutch security researcher, recently reported that local broadcasting giant, ABS-CBN Broadcasting Corp., is the latest company to be targetted by Magecart, the cybercriminal group behind the British Airways and Ticketmaster data breach.

In his latest findings, de Groot discovered an obfuscated JavaScript code in ABS-CBN Store, the company’s online merchandize shop. This code has been up since at least August 16th, according to the security expert. This malware works during the checkout process through a browser-based interception, defeating the security of encrypted connections (https/SSL).

His research shows that the personal information of ABS-CBN Store’s customers along with their credit card details are being sent to a server located in Irkutsk, Russia. This specific server belongs to the same Russian network as coffeemokko.com, a different malware campaign that the researcher also discovered recently.

Before publishing the report, de Groot already contacted the TV network but has yet to receive a response. We will also try to contact ABS-CBN and the National Privacy Commission (NPC) for this latest security breach.

In a separate report, ZDNet spoke with RiskIQ’s Senior Threat Intelligence Analyst Yonathan Klinjnsma who went on confirming that this security incident is indeed the works of Magecart.

As of this writing, the ABS-CBN Store is currently down. The company  may have been working on this report already.

***UPDATE***

9/19/2018 – ABS-CBN released a press statement regarding this matter. The company confirmed that they have temporarily shut down the affected website ABS-CBN Store. Apparently, this also includes the UAAP Store. The Kapamilya Network was able to identify 213 affected customers as of this writing and have started contacting them.

In compliance with NPC, the company said that they are now closely coordinating with the agency while the investigation is ongoing.

Below is a copy of the statement that came from Kane Errol Choa, ABS-CBN’s Head for Integrated Corporate Communications.

NPC also released their press statement through Privacy Commissioner Raymund Enriquez Liboro. The commissioner said that the Data Protection Officer of ABS-CBN, Jay C. Gomez, already notified them of the breach. The agency also said that they are monitoring the situation. ABS-CBN should be able to provide them a copy of the full report within five days.

Fjordan Allego
Follow me

Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.
Fjordan Allego
Follow me

Related Posts:

Speak Your Mind

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.