American company Tupperware has just joined the list of private enterprises attacked by cybercriminals. In a security report, the company’s IT team revealed that a group of threat actors injected malicious code into their website to collect all user payment card data.
According to reports, this malicious code has been active on the company’s website for at least a week. A cybersecurity firm hired by Tupperware mentioned that the first signs of anomalous activity were reported last Friday, March 20, although the company did not respond to the first reports.
The threat actors used a malware variant to upload a fake payment form to the Tupperware website. Thus, every time users tried to make a purchase, they were actually sending their payment card data to a hacker-controlled address. Eventually, the criminals showed users an error window while the information was being extracted.
Among the information stolen from Tupperware customers are details such as:
- Full name
- Phone number
- Home address
- Card number
- Expiration date
- CVV key
So far Tupperware has not revealed additional details on the attack.
This type of malware is known as “skimmer” or Magecart scripts. It should be mentioned that the effectiveness of the attack varies depending on the region, as the fake form used by hackers is written in English, something very easy to detect for users in Spanish-speaking countries.
Because hundreds of millions of people are forcibly held in their homes, cybersecurity experts anticipate that it will increase the number of skimming scams, so users should stay on top of any possible attempts to skimming frauds.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.