The ABS-CBN online store was allegedly hacked and customers’ personal and financial data were supposedly stolen, according to Dutch security consultant and researcher Willem “gwillem” de Groot.
In his website, Groot wrote that cybercriminals have been running a “payment skimmer” on the ABS-CBN online store since at least August 16. Personal and financial data including credit card details were allegedly stolen from shoppers and then sent to a server in Irkutsk, Russia. Groot wrote that the stolen customer data are then “presumably” sold on the black market.
The security breach was allegedly the work of a threat group named Magecart, which specializes in compromising online stores and installing obfuscated malware to steal credit card information entered by customers. The group was also said to be responsible for recent security breaches on British Airways and Ticketmaster, as well as thousands of hacking incidents on Magento websites.
How the ABS-CBN Online Store Was Hacked
Groot said that the hacking incident on the ABS-CBN online store was done through browser-based interception during the checkout process.
The obfuscated malware was hidden within a JavaScript file at store.abs-cbn.com/js/lib/ccard.js. The malware then sends the stolen data to a payment collection server called adaptivecss.org.
The server was on the same network as coffemokko.com, which Groot also discovered as also running a malware campaign.
The malware scheme, called “Coffe&Tea,” steals financial data using malicious JavaScript files and fake payment popups. Coffe&Tea command servers are coffeetea.org, coffemoko.com and energycoffe.org.
Groot has reported the incident to ABS-CBN and as of this writing, has not yet received a response. It is not known how many customers were affected by this incident.
If you have shopped or entered your payment details on the ABS-CBN online store in the past few weeks, call your bank or check your credit card statement for unauthorized payments. You can also have your credit cards replaced as a precautionary measure.
The ABS-CBN online store is currently offline.
Source: gwillem’s lab
