« CSAが「DevSecOpsの6つの柱:自動化」を公開していますね。。。 | Main | NIST NISTIR 8214A「閾値暗号」開発の取り組みを開始 »

2020.07.09

HIDDEN COBRA(北朝鮮?)が米国や欧州のオンラインストアに侵入しクレジットカード番号を取得している?

こんにちは、丸山満彦です。

オランダのセキュリティ会社Sansecが北朝鮮国家から支援を受けているHIDDEN COBRAが米国や欧州のオンラインストアに侵入しクレジットカード番号を取得していると報告していますね。

Sansec
 ・2020.07.06 North Korean hackers are skimming US and European shoppers

North Korean state sponsored hackers are implicated in the interception of online payments from American and European shoppers, Sansec research shows. Hackers associated with the APT Lazarus/HIDDEN COBRA1 group were found to be breaking into online stores of large US retailers and planting payment skimmers as early as May 2019.

 

■ 参考

● US-CERT
North Korean Malicious Cyber Activity

 

■ 報道等

xakep
・2020.07.07 (НОВОСТИ) Северокорейских хакеров связали с атаками MageCart by  

Специалисты голландской ИБ-компании SanSec ­обнаружили, что северокорейская хак-группа Lazarus (она же Hidden cobra) практикует веб-скимминг и взламывает интернет-магазины.­
A North Korea-sponsored hacking group has been found to have stolen credit card information of American and European shoppers from online stores of U.S. retailers for more than a year, a Dutch cyber security firm said.
Hackers associated with the "APT Lazarus/HIDDEN COBRA group" were implicated in breaking into the online stores through digital payment "skimming" from as early as May 2019, according to a report posted on the website of Sansec.

Hidden Cobra Stealing E-Commerce Payment Card Data, Security Firm Sansec Reports

HIDDEN COBRA attacks e-commerce sites.

The Magecart credit card skimmer found on the website of retailer Claire’s Accessories was likely put there by the Lazarus or Hidden Cobra North Korean APT group, reports Sansec
 
Since at least May 2019, the state-sponsored threat actor has stolen card data from dozens of retailers, including major US firms. 

 ZDNet
・2020.07.06 North Korean hackers linked to web skimming (Magecart) attacks, report says b

After hacking banks and cryptocurrency exchanges, orchestrating ATM cash-outs, and deploying ransomware, North Korean hackers have now set their sights on online stores.

SanSec says Lazarus group hijacked retail sites with a “higher level of preparation and planning than most”

|

« CSAが「DevSecOpsの6つの柱:自動化」を公開していますね。。。 | Main | NIST NISTIR 8214A「閾値暗号」開発の取り組みを開始 »

Comments

Post a comment



(Not displayed with comment.)




« CSAが「DevSecOpsの6つの柱:自動化」を公開していますね。。。 | Main | NIST NISTIR 8214A「閾値暗号」開発の取り組みを開始 »