Hackers looking into injecting card stealing code on routers, rather than websites

[InfoSec News <alerts () infosecnews org>]

https://www.zdnet.com/article/hackers-looking-into-injecting-card-stealing-code-on-routers-rather-than-websites/

By Catalin Cimpanu
Zero Day
ZDNet News
September 25, 2019

Security researchers at IBM have found evidence that hackers have been working 
on creating malicious scripts they can deploy on commercial-grade "Layer 7" 
routers to steal payment card details.

This discovery is a game-changer in what researchers call Magecart attacks, 
also known as web skimming. These are attacks where hackers plant malicious 
code on an online store that records and steals payment card details.

Until now, Magecart-specific code was only delivered at the website level, 
hidden inside JavaScript or PHP files. However, this new discovery is an 
escalation of Magecart attacks to a new level, where the malicious code is 
injected at the router level, rather than being added by hackers on outdated 
websites.


WHAT ARE L7 ROUTERS

Layer 7, or L7, routers are a type of commercial, heavy-duty router that's 
usually installed on large networks, such as hotels, malls, airports, casinos, 
government networks, public spaces, and others.

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_