Techly NewsGet the app

Get the latest tech news

Supply-chain attack lies dormant for six years before striking hundreds of e-commerce sites


At least three vendors of e-commerce software tools were compromised in a coordinated supply chain attack dating back at least six years. According to security firm Sansec,...

Facepalm: Supply chain attacks can remain dormant for extended periods before striking their target, but they typically don't take years to achieve their objectives. According to security firm Sansec, the unknown attackers injected a dangerous backdoor into the vendors' products, only taking control of third-party e-commerce servers a few days ago. Once activated, the backdoor executed its malicious payload in users' browsers, stealing payment information in a manner reminiscent of a typical Magecart attack.

Get the Android app

Or read this on r/technology

Read more on:

Photo of years

years

Photo of Hundreds

Hundreds

Photo of chain attack

chain attack

Related news:

News photo

Tulsi Gabbard Reused the Same Weak Password on Multiple Accounts for Years

News photo

Skype Shuts Down After 22 Years, Ending an Era of Internet Calling

News photo

30 years of MySQL, the database that changed the world

« Reddit will tighten verification to keep out human-like AI bots
Shocking Discovery: Scientists Discover Organism That Act Like Living Electrical Wires »