Hundreds of Counterfeit Sneaker Sites Hacked to Steal Credit Cards
As the craze for the latest Off-White, Nike, and Adidas sneakers heats up, sites selling counterfeit kicks have popped up to capitalize on sneakerheads searching for the best deal. To make a bad deal even worse, hackers are now targeting these sites to install malicious Magecart scripts that also steal your credit card information.
According to Jason Kent, Hacker in Residence at Cequence Security:
“Circular flows in any system are interesting to watch and see how they follow one another. The stolen credit card sold by a carder is used to purchase a desirable item (like sneakers); that item is then sold on a legitimate site (possibly eBay) for market value, thus laundering the transaction and creating value for the malicious merchant. The legitimate site is then compromised by an attacker using a program to scrape credit cards which the carder will then sell to someone that will buy a desirable item.
The impact of this can be that a fake shortage can exist on the original inventory of the desirable item, causing another market to be created in knockoffs. Now the carders are trying to get into the sites of the knockoff market, creating another database of cards for sale. No doubt those cards will be sold and transactions laundered in some other part of the market, perhaps creating another shortage and another opportunity for the attackers.
Inventory takeover attacks to drive the market can cause the same impact; shortages on desirable items can then be controlled and the fraudulent sites can be put in place before the bots start the shortage and create the market in their favor. A well-organized team could drive the demand and orchestrate the shopping experience to create a carding service that fed itself.”