Infowars Online Site Compromised by MageCart Attack

Earlier this week, a security researcher found payment card-stealing scripts running on the Infowars online site. The scripts managed to stay active for nearly 24 hours. At least 1,600 users of the site may have been affected during this period, though many were returning customers who wouldn’t have had to re-enter their payment information into the compromised forms. As of writing, the malicious scripts being used by Magecart are active on nearly 100 other online stores, with almost 20% getting re-infected within a two-week period.

Scammers Syphon €19 Million From French Film Company

A lawsuit recently revealed that savvy scammers successfully took nearly €19 million through a series of unauthorized transfers from a spoofed personal email address of the company’s CEO. After requesting additional information from the scammers, who continued to provide highly-detailed documents suggesting their legitimacy, several payments were transferred from the company’s main cash pool with promises of a quick payback from the scammers.

Chinese Headmaster Caught Cryptomining on School’s Systems

The headmaster of a Chinese school was fired after staff discovered an excessively high power bill previously written off as a faulty HVAC system was actually caused by several cryptomining rigs running off the school’s electricity. The headmaster brought the mining machines into the school in mid-2017 and evaded blame for the excess power consumption until the physical proof was discovered. While it appears no other harm was done, cryptomining software can be dangerous, as you can never be sure nothing else is bundled with it.

New Botnet Exploits Unpatched Bug in Over 100,000 Devices

Researchers have been monitoring a relatively new botnet that is currently controlling over 100,000 devices, including 116 device types from multiple manufacturers. By taking advantage of well-known bugs within Universal Plug n Play, hackers can quickly take control of the device and begin monitoring traffic from outside of the network.

Cathay Pacific Airlines Cyberattack Occurred Over Several Months

After originally claiming a data breach had taken place last month, affecting 9.4 million customers, new findings have shown the attacks have been happening regularly since March. Even though local laws didn’t require the company to notify authorities regarding a data breach, it is still surprising that it has taken almost nine months to determine what data had been exposed and what hadn’t.

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This