- A researcher claims that two snippets from Picreel and Alpaca are infected with malicious code.
- The hackers are stealing all data that users enter on the compromised websites.
- This includes login credentials, payment details, and quite a lot of “garbage” data as well.
Supply chain attack of the week: @Picreel_ marketing software got hacked last night, their 1200+ customer sites are now leaking data to an exfil server in Panama.
— Willem de Groot (@gwillem) May 12, 2019
In total, the Picreel script was found on about 1250 websites, while the Alpaca Forms code was spread over 3350 domains. This means that right now, millions of people are having their sensitive information recorded and sent to the shady Panama servers. According to the researchers, the malicious code grabs whatever information a visitor enters on an infected website, including in contact forms, login boxes, and payment pages. This means that the actors can steal login credentials and even the credit card details entered on payment checkout pages. Obviously, quite a few of these details have already been exfiltrated, but at this point, there’s no estimate of the total damage.