Credit Card Fraud Alert: CERT-In Discloses 'Hacked' Websites Names and Tips for Website Developers

The government's cyber security agency Cert-In has warned against instances of credit card frauds on e-commerce websites across the world. Cyber criminals in online credit card skimming, add skimming code on online shopping websites to steal credit card data shared by customers. According to Cert-In, "Attackers are typically targeting e-commerce sites because of their wide presence, popularity and the environment LAMP (Linux, Apache, MySQL, and PHP)."

The Cert-In's advisory is based on Malwarebytes recent report. As per the report, all the compromised sites identified had a shopping portal, and this is what the cyber attackers were doing. Cert-In has shared the names hacked websites:

 idpcdn-cloud[.]com

 joblly[.]com

 hixrq[.]net

 cdn-xhr[.]com

 rackxhr[.]com

Cert-In has also shared tips for website developers:

1. Use the latest version of ASP.NET web framework, IIS Web server and database server.

2. Apply appropriate updates on the OS and application software as and when available through OEM.

3. Restrict access by default completely and only allow fully necessary accesses.

4. Occasionally conduct a complete security audit of the web application, web server, database server and after every significant configuration change, and plug vulnerabilities found.

5. Apply SIEM (Security Information and Event Management) and Database Activity Monitoring (DAM) solutions.

6. Search all the websites hosted on the web server or sharing the same DB server for the mischievous web shells.

7. Occasionally check the web server directories for any malicious/unknown web shell files and remove when noticed.