If you eat out or are in the habit of ordering take-out on a regular basis, be aware.
Recently, a large, well-organized web-skimming campaign has been uncovered that allowed hackers to swipe the payment card details for more than 300 restaurants, impacting more than 50,000 customers.
Web-skimmers are sometimes called Magecart malware and they are bits of JavaScript that collects credit card data when shoppers enter their card data on the checkout page on an online payment portal.
This latest campaign was brought to light by researchers at Recorded Future, who noticed suspicious activity on the ordering portals of InTouchPOS, Harbortouch, and MenuDrive.
There have been two distinct campaigns so far, with the first one beginning on January 18 of 2022 and impacting 80 different restaurants using MenuDrive and another 74 that were utilizing Harbortouch's platform.
Big chains don't typically use platforms like these, so most of the impacted restaurants were small, local operations widely scattered across the United States. In both campaigns just mentioned, the web skimmer malware code was discovered on the restaurant's web pages and its subdomain on the payment portal's platform.
In the case of Harbortouch, a single malicious JavaScript was used, while two different scripts were deployed against MenuDrive users.
The second campaign targeted InTouchPOS beginning on November 12 of 2021, but most of the actual attacks occurred in January 2022. Here, no details were stolen from the site itself but rather, the attackers overlaid a fake payment form on top of the legitimate one and harvested payment details that way.
Recorded Future reports that both campaigns appear to be ongoing, and the firm has alerted all impacted entities. At the time this piece was written, they had not received a response back from anyone.
In any event, if you order online from a local eatery near you, keep a watchful eye on your account. Your payment data may have been compromised.
If this tip helps and you would like to donate click on the button. Thanks In Advance
________________________________________________________________________________________________________
"Fortune Favors Who Value Time over Money!"
"TeQ I.Q. was the 1st IT Company to Deliver Cloud Solutions since 2003"
Tech issues taking up your Time?
"TeQ I.Q. Makes Your Technology Simple and Easy"
Do you have Tech Frustrations like your Computer, Internet, Phone, Cellphone, Camera, TV, Car?
"We Take Away Your Tech Frustrations and Give You the Free Time You Deserve!"
Call Robert to ask all your Technology questions.
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
