1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Facebook ecommerce plugin used by thousands of stores hacked to s

    From TechnologyDaily@1337:1/100 to All on Mon Jun 24 19:00:05 2024
    Facebook ecommerce plugin used by thousands of stores hacked to steal credit card data

    Date:
    Mon, 24 Jun 2024 18:45:58 +0000

    Description:
    pkfacebook is a popular plugin for PrestaShop, an open source ecommerce platform used by hundreds of thousands of sites.

    FULL STORY ======================================================================

    A Facebook plugin built for a top ecommerce platform is said to be vulnerable in a way that allows threat actors to steal peoples credit card information, and ultimately - money.

    Security researchers from Friends-of-Presta have warned of an SQL injection vulnerability in pkfacebook, claiming they observed the flaw being abused in the wild.

    Pkfacebook is a plugin for PrestaShop, an open source ecommerce platform that enables individuals and businesses to create and manage their online stores. This plugin allows people to register their accounts and log in, using Facebook, leave feedback on bought items, and communicate with customer support. Assume everyone's vulnerable

    Friends-of-Presta is a community of developers, integrators, agencies, and software publishers. As per their findings, as well as those from cybersecurity researchers TouchWeb, the SQL injection flaw is tracked as CVE-2024-36680. It is being abused by malicious actors to install credit card skimmers on vulnerable websites, allowing them to steal valuable payment information .

    Promokit, the company that develops and maintains the Facebook plugin, says
    it fixed it long ago but, as BleepingComputer finds, provided no proof for their claims. Right now, some 300,000 online stores are using PrestaShop, but it is impossible to determine how many are vulnerable right now.

    Friends-Of-Presta believes all users should consider themselves vulnerable, and should do the following:

    Update pkfacebook, make sure they use pSQL to avoid Stored XSS flaws, modify the default ps_ prefix to a longer, arbitrary one, and activate OWASP 942 rules on the Web Application Firewall.

    Breaking into vulnerable ecommerce sites to steal peoples credit card data is a popular form of cybercrime. MageCart was, at peak, by far the most popular and disruptive credit card-stealing cybercrime group out there. While lately the group has been successfully keeping a low profile, security researchers from Malwarebytes found activity that could be linked to the group, back in May 2023. More from TechRadar Pro Online stores are being hijacked with fake forms to steal credit card details Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/facebook-ecommerce-plugin-used-by-thous ands-of-stores-hacked-to-steal-credit-card-data


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)