Willem de Groot, a Dutch security researcher, has reported that the ABS-CBN online store has been hacked.
He found a hidden malware inside one of the site’s javascript files that intercepts a customer’s credit card information upon checkout. The data is then sent to a server registered in Russia.
ABS-CBN Shuts Down Store
ABS-CBN recognized the hacking report and shut down its online store at 9:30 AM on September 19, 2018. The company also discovered that the UAAP online store has suffered the same attack.
According to the company’s official statement, an estimated 213 customers may have been affected by the hack.
The stolen identities in these types of hacks are usually sold on the black market. They are advised to check unauthorized financial transactions immediately.
Technical Details of the Hack
According to de Groot, the suspected hacker of ABS-CBN’s online store is the same as the individual or group behind high profile attacks against British Airways and Ticketmaster.
The hacker injected the malware in a javascript file on the store’s server called ccard.js. Once the user accesses the one step checkout page of the store, it intercepts the data and sends it to adaptivecss.org which is located on a Russian server.
This technique has successfully breached the site’s security protocol despite having an SSL certificate.
Sources: gwillem’s lab, ABS-CBN News