Time has shown us that hackers can launch attacks on any platform or type of users. It doesn’t matter if it is a widely used social network or a website that has just been created. In this article, we echo an attack against the European Space Agency. It has been hacked to steal bank cards. We are going to explain to you what exactly it consisted of and what you can do to avoid similar problems.
Specifically, what they have done is attack the official store of the European Space Agency. This is where users, clients, when making payments, have put their data. It is something that we have seen on many occasions and it is one of the options that cybercriminals have to obtain this type of information.
Attack on the European Space Agency store
But what exactly have they done? They have used a malicious JavaScript code fragment, with the aim of creating a fraudulent payment page. The victim enters the website, accesses the payment and is actually handing over their data to cybercriminals. They are impersonating the legitimate payment gateway.
In the official store they sell different products, such as t-shirts or backpacks, for example. Especially, it is during these Christmas periods when we see more attacks of this type. Hackers take advantage of the increase in sales on the Internet and look for ways to attack and steal information.
When the victim wants to buy a product, the attackers, through that malicious JavaScript code, can collect customer and payment card data. Basically, what you put into any purchase you make online. All of this will be exposed, since you are putting it on a malicious website, with a domain that does not really correspond to the European Space Agency.
Security researchers discovered that they use another domain. The official one, from the European Space Agency, uses esaspaceshop in the .com TLD. On the other hand, the fake site, the one created to steal data, uses that same name, esaspaceshop, but in the .pics TLD. But of course, it appears on the official website itself and, apparently, there is nothing to show that it is a fraud.
Buy safely
So, what can you do, as a user, to shop safely on the Internet? We always recommend buying from legitimate, official sites that you can recognize with guarantees. Avoid unknown sites, where you cannot trust or there is no information to see if it is legitimate or not. Detecting if a website is reliable to buy from is the first step.
From there, we also advise you to use secondary bank cards. You can use disposable cards or use a rechargeable one or wallet, to only have one amount to make that payment. In case the data is leaked, they really won’t be able to attack you beyond that amount.
On the other hand, it is important to protect your equipment. Always make sure you have it updated, as well as have a good antivirus. This will help you detect threats and eliminate them before they start to act. There are many options available, but you should always make sure you have installed one that is safe.
