In only 22 lines of code, hackers took on the UK's largest airline and stole data from up to 380,000 people. But the hackers behind British Airways' data breach, which took place from late August into early September, left behind a trail of evidence showing just how the major airline had suffered its cyberattack, according to researchers from cybersecurity firm RiskIQ. Cybercriminal gangs represent a new, more potent threat to businesses because the organized efforts don't just steal from companies, but also the millions of customers paying for their services. While hackers can act alone, coordinated cyberattacks mean the potential to affect more people.
The group stashed some modified code in British Airways' baggage claim webpage, where customers would fill in their names, addresses, email and financial information. Looking through data logs, RiskIQ's researchers found a slight change on the page's code from mid-August. The baggage claim page contained a JavaScript library that sent all the data on the screen to the URL "baways.com." The hackers would obtain a copy of the data while the victim was sending that personal and financial information to the airliner, without realizing that anything was wrong. To an unsuspecting eye, "Baways" might look like short-hand for British Airways, but RiskIQ found that the URL was hosted in Romania and only registered on Aug. 15 -- just six days before Magecart started stealing data from the airliner.
Credits:
No comments:
Post a Comment