Willem de Groot, a Dutch security researcher, recently reported that local broadcasting giant, ABS-CBN Broadcasting Corp., is the latest company to be targetted by Magecart, the cybercriminal group behind the British Airways and Ticketmaster data breach.
In his latest findings, de Groot discovered an obfuscated JavaScript code in ABS-CBN Store, the company’s online merchandize shop. This code has been up since at least August 16th, according to the security expert. This malware works during the checkout process through a browser-based interception, defeating the security of encrypted connections (https/SSL).
His research shows that the personal information of ABS-CBN Store’s customers along with their credit card details are being sent to a server located in Irkutsk, Russia. This specific server belongs to the same Russian network as coffeemokko.com, a different malware campaign that the researcher also discovered recently.
Before publishing the report, de Groot already contacted the TV network but has yet to receive a response. We will also try to contact ABS-CBN and the National Privacy Commission (NPC) for this latest security breach.
In a separate report, ZDNet spoke with RiskIQ’s Senior Threat Intelligence Analyst Yonathan Klinjnsma who went on confirming that this security incident is indeed the works of Magecart.
As of this writing, the ABS-CBN Store is currently down. The company may have been working on this report already.
***UPDATE***
9/19/2018 – ABS-CBN released a press statement regarding this matter. The company confirmed that they have temporarily shut down the affected website ABS-CBN Store. Apparently, this also includes the UAAP Store. The Kapamilya Network was able to identify 213 affected customers as of this writing and have started contacting them.
In compliance with NPC, the company said that they are now closely coordinating with the agency while the investigation is ongoing.
Below is a copy of the statement that came from Kane Errol Choa, ABS-CBN’s Head for Integrated Corporate Communications.
NPC also released their press statement through Privacy Commissioner Raymund Enriquez Liboro. The commissioner said that the Data Protection Officer of ABS-CBN, Jay C. Gomez, already notified them of the breach. The agency also said that they are monitoring the situation. ABS-CBN should be able to provide them a copy of the full report within five days.
- Phishing Email Analysis Landing Page - September 19, 2024
- BPI to hold Cybersecurity Conference to ‘Fortify Cyber-Resilience in an AI World’ - July 25, 2024
- New Smishing Campaign makes use of Globe SMS Sender ID - May 27, 2024