Posted on October 9, 2019 at 1:39 PM
Google Cloud: Hackers Breached Volusion and Stole Thousands of Card Details
Today is a dark day indeed for Volusion, an e-commerce platform dedicated to small and medium-sized businesses. You see, the Volusion cloud has been compromised by a group of enterprising hackers, and are collecting credit card information of a confirmed 6500 stores. However, this number is undoubtedly higher.
Considering the hackers had compromised the cloud service instead of an individual site, their exploit can work on almost all the stores within Volusion. That’s over 30,000 merchants in total.
The most notable website to be compromised is the childhood show’s SesameStreet’s online vendor platform. At the time of writing this article, the site has been shut down due to “Scheduled Maintenance,” however believable that might seem.
At the time of writing this article, the malicious code that started it all is still floating around in Volusion’s cloud. Volusion has, rather aptly, refrained from commenting on the situation. Sadly, staying silent won’t save them from the loss of Face they will doubtlessly suffer from this fiasco.
Google Cloud Infrastructure Compromised
Volusion’s cloud is based on the Google Cloud infrastructure. The company was the first large e-commerce platform to move to the Google Cloud Platform completely.
In this infrastructure, the hackers managed to embed a modified Javascript file that injects malicious code into the online forms you fill in before purchase. This enables them to store the credit card information of whoever went to checkout and bought something in the afflicted stores.
Now, this is a bad PR situation for everyone involved, and Google has stood with Volusion when it comes to staying quiet. This whole situation is a mess, and it’s going to be interesting to see how Volusion and Google spin this attack. With over 185 billion orders across the Volusion platform, the possible amount of data compromised is enormous. Massive amounts of wealth may be at risk due to this breach.
A Magecart Attack
This hack was, as cybersecurity experts would call it, a Magecart attack. Simply put, it’s the new age’s credit card skimming scheme. Instead of jury-rigging some readers into an ATM or doing the old-but-almost-never effective phishing scam, these hackers installed the skimmer directly into the website.
Usually, this hack is localized to the specific website. Whether it be outdated antivirus software or just a human error, these sites become compromised, but hack stays within that domain. However, in a case like this, there comes an intrepid group of highly sophisticated hackers that manage to find a tiny crack in a massive system.
Usually, it’s just that one tiny crack they need to blow it all open. A real hacker’s skill isn’t their ability to write a malicious piece of code. It’s about a specific hacker’s creativity and ingenuity to use this piece of code in ways security companies have not anticipated yet.
With this keylogger, the hackers are capable of stealing your credit card info without ever touching the real thing. While this has been possible for a time, it doesn’t need you falling for the old Nigerian Prince scheme.
Last week, RiskIQ released a statement saying that these Magecart scripts have been spotted on at least more than 18 000 different websites.
A Warning to All
This hack, while catastrophic, should serve as a lesson to everyone involved to sharpen their game. Volusion will probably bounce back from this, but it will severely damage their overall opinion.
What should be a worry is all the consumers potentially compromised in this situation. Volusion is a massive company, with over 30,000 merchants and more than 185 million orders. The platform has a large number of users, and evidence shows this thing has been going on at least since the middle of September.
Everyone that has been using online merchants using Volusion’s framework, please take the necessary steps to ensure your financial safety. Please keep a close eye to suspicious transactions on your bank account. Above all, be vigilant against the less sophisticated scams and make sure your money stays safe.
If you suspect that your bank account has been compromised, go to your bank and take the necessary steps to secure your bank. Even if it’s just a feeling, it’s better to be safe than sorry.