Hackers have been able to break into NutriBullet’s website multiple times during the last few months, new research has found.
Known as Magecart Group 8, the group were able to inject malicious credit card-skimming malware on the blender maker’s site. The criminals were able to get hold of personal details like card numbers, names, billing addresses, expiry dates and card verification numbers.
The attacks began on February 20, and could still be continuing today, although NutriBullet says it removed the malicious code from its site.
The data collected was shared to a server operated by these hackers to then be sold on the dark web. RiskIQ claims that its researchers had been trying to contact NutriBullet for over three weeks, but did not get a response.
Yonathan Klijnsma, Head of research of RiskIQ, urged users not to use or shop on NutriBullet’s website till the company fixes the vulnerabilities and acknowledges their outreach.
NutriBullet’s chief information officer Peter Huh admitted its website had experienced intrusion and that the company will be working with the cyber-forensic research team to investigate. He, however, did not confirm if impacted users will be informed about the data breach.
This hacking group is said to have been able to hack over 200 websites using a similar method, having previously attacked companies like Amerisleep, Ticketmaster, British Airways, the American Cancer Society, Newegg and MyPillow.
There are eight known Magecart hacking groups and all of them work with an independent motive, “Their preferred tactic is focusing on individuals victims, avoiding the ‘shotgun approach’ many other Magecart groups take. The group 8 attackers and skims specific sites they seem to cherry-pick for a particular purpose.” RiskIQ said.