Experts Insight On Tupperware Website Hacked And Infected With Payment Card Skimmer

It has been reported that hackers have breached the website of Tupperware, a US company known for its plastic food container products, and placed malicious code on its website to collect payment card details from site buyers. The malicious code has been running on the Tupperware homepage for at least five days, according to security researchers. Every time a user initiates a payment, the malicious code creates an iframe that floats over the page and shows a cloned payment form that mimics Tupperware’s original VISA CyberSource payment form.
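A Content-Security-Policy `frame-src` directive restricts which origins a page may load in an iframe, which is the browser-side control relevant to the injected payment iframe described above. The following is an added example, not code from the original article or from any party it names; every hostname and policy string in it is a constructed placeholder. It evaluates whether a policy would let a page frame a given URL, including the fallback from `frame-src` to `child-src` to `default-src`.

```javascript
// Added example: would this Content-Security-Policy let the page load a given iframe?
// Simplified matching: 'self', *, scheme sources, host sources (scheme, "*." wildcard, port).

function parseCsp(header) {
  const directives = new Map();
  for (const part of header.split(';')) {
    const [name, ...values] = part.trim().split(/\s+/).filter(Boolean);
    // The first occurrence of a directive wins; later duplicates are ignored.
    if (name && !directives.has(name.toLowerCase())) directives.set(name.toLowerCase(), values);
  }
  return directives;
}

function sourceMatches(source, target, self) {
  const s = source.toLowerCase();
  if (s === "'self'") return target.origin === self.origin;
  if (s.startsWith("'")) return false; // 'none' and other keywords never match a frame URL here
  if (s === '*') return ['http:', 'https:'].includes(target.protocol);
  if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return target.protocol === s;
  const m = s.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([^:\/]+)(?::(\d+|\*))?$/);
  if (!m) return false; // path sources and anything unparsed: fail closed
  const [, scheme, wildcard, host, port] = m;
  // A scheme-less host source follows the page's scheme and never downgrades https.
  const schemeOk = scheme ? target.protocol === scheme + ':'
    : target.protocol === self.protocol || target.protocol === 'https:';
  const hostOk = wildcard ? target.hostname.endsWith('.' + host) : target.hostname === host;
  const effectivePort = target.port || (target.protocol === 'https:' ? '443' : '80');
  const portOk = port === undefined ? target.port === '' : port === '*' || port === effectivePort;
  return schemeOk && hostOk && portOk;
}

function frameAllowed(cspHeader, pageUrl, frameUrl) {
  const d = parseCsp(cspHeader);
  // Frames are governed by frame-src, falling back to child-src, then default-src.
  const sources = d.get('frame-src') ?? d.get('child-src') ?? d.get('default-src');
  if (sources === undefined) return true; // no governing directive: any frame loads
  const self = new URL(pageUrl), target = new URL(frameUrl);
  return sources.some((src) => sourceMatches(src, target, self));
}

// Constructed sample data: placeholder hostnames, not taken from the incident.
const PAGE = 'https://shop.example/checkout';
const PAYMENT_FRAME = 'https://payments.example.net/form';
const UNKNOWN_FRAME = 'https://unknown-host.example.org/form.html';
const WEAK = "default-src 'self'; frame-src *";
const HARDENED = "default-src 'self'; frame-src https://payments.example.net";
console.log('unknown frame allowed? weak:', frameAllowed(WEAK, PAGE, UNKNOWN_FRAME),
  'hardened:', frameAllowed(HARDENED, PAGE, UNKNOWN_FRAME));
```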


EXPERTS COMMENTS
Gadi Naveh, Senior Security Researcher, PerimeterX
March 27, 2020
Fake checkout forms are a common method Magecart attackers use to get around the iframe protections.
Fake checkout forms are a common method Magecart attackers use to get around the iframe protections used by legitimate payment services. Skimming toolkits like Inter make this simple and accessible to all attackers. However, their one downside is that they prevent the legitimate transaction from being successfully completed. This attack added another step and reverted to the legitimate form once t ....
Matt Keil, Director of Product Marketing, Cequence Security
March 27, 2020
Standard server headers to block iframes would have stopped this attack.
Though the iframe injection was crafty, this type of attack should only work on websites that have implemented very few security measures. Standard server headers to block iframes would have stopped this attack. As we look at how Magecart attacks work, having a simple understanding of where your clients are being redirected is becoming necessary. 3rd party code is needed but it shouldn’t be an o ....
Justin Fox, Director of DevOps Engineering, NuData Security
March 27, 2020
Once the consumer payment card data has been skimmed by an attacker, that payment card needs to be rendered inoperable.
Web skimmers or Magecart scripts work by taking advantage of an infrastructure vulnerability caused by misconfiguration. The misconfiguration enables an attacker to discover a potentially vulnerable website (using a shotgun approach) and upload the malicious code to the service provider. To avoid this type of misconfiguration, it’s useful to comply with standardized security benchmarks – like the ....
Elad Shapira, Head of Research, Panorays
March 27, 2020
It's clear that companies must make sure to continuously assess the security of their supply chain partners.
This cyberattack on Tupperware illustrates why it’s so important for companies to keep checking their websites with a critical eye towards injected code. These silent and stealthy attacks are targeting not only retail sites, but also vendors, with the goal of infiltrating the entire supply chain. It's clear that companies must make sure to continuously assess the security of their supply chain p ....
Mounir Hahad, Head, Juniper Threat Labs, Juniper Networks
March 26, 2020
Nonetheless, this may be the blueprint of future similar attacks on other web sites.
This does indeed sound like the work of a new cyber gang that has not scaled operations yet. The domain name they chose to register was not customized to blend in to their target victim’s normal web site operations and based on DNS resolution telemetry, it does not seem to have reached any meaningful scale. Nonetheless, this may be the blueprint of future similar attacks on other web sites. ....
Tim Mackey, Principal Security Strategist, Synopsys CyRC
March 26, 2020
The primary potential tell-tale sign might be that the website itself doesn’t quite look “right”.
Online credit card skimming differs from the physical skimming practices most people have heard about in that there isn’t an obvious way the average person will be able to identify if or when a web site has been compromised. The primary potential tell-tale sign might be that the website itself doesn’t quite look “right”, though more sophisticated attacks can make even differentiating betwe ....