Newegg sells all kinds of the newest tech gadgets.
Now it appears the company is the newest victim of Magecart, the cybercrime group that is now linked to British Airways and Ticketmaster hacks.
Security researchers at Risk IQ detailed the attack, which included a spoofed web domain:
"On August 13th Magecart operators registered a domain called neweggstats.com with the intent of blending in with Newegg’s primary domain, newegg.com. Registered through Namecheap, the malicious domain initially pointed to a standard parking host. However, the actors changed it to 217.23.4.11 a day later, a Magecart drop server where their skimmer backend runs to receive skimmed credit card information. Similar to the British Airways attack, these actors acquired a certificate issued for the domain by Comodo to lend an air of legitimacy to their page"
Researchers say hackers placed a digital skimmer into Newegg's checkout process and that criminals had access to an entire month of skimmed sales before the breach came to light.
Read the complete Newegg hacking report for more on what happened next and how the Magecart attack was detected.
