Global site navigation

Local editions

Jumia, Konga, Others in Trouble as Hackers Rig E-Commerce Sites’ Payment Info
Technology

Jumia, Konga, Others in Trouble as Hackers Rig E-Commerce Sites’ Payment Info

by  Pascal Oparada
  • E-commerce platforms that have payment information on their sites are a target of hackers who exploit weaknesses in the site
  • They plant a hostile code that pops up each time a customer or visitors wants to make a purchase on those sites
  • Nigerian e-commerce platforms like Jumia and Konga may be vulnerable to these hackers who target customers' debit or credit cards

Your support matters. Sustain independent journalism in Nigeria – contribute to Legit.ng.

E-commerce websites users in Nigeria may be vulnerable to a new tricks used by hackers who target the payment information of customers who visit the websites.

Prominent e-commerce platforms like Jumia, Konga and a host of others are prime targets of malicious hackers who exploit vulnerabilities found in most e-commerce sites to steal the card details of their customers.

Hackers target e-commerce websites
Hackers target e-commerce websites Credit: Halfpoint Images
Source: Getty Images

Hundreds of e-commerce sites compromised

Recently, it was found that about 500 e-commerce websites were found to have been rigged by hackers who installed a card skimmer that secretly stole important data when visitors try to buy something.

Read also

Google to Expand 2-Step Verification Auto Enrollments to Keep Internet Users Safe Online

Do you have a groundbreaking story you would like us to publish? Please reach us through info@corp.legit.ng!

According to a report published on Tuesday, February 15, 2022, is the latest one that involves Magecart, a general term given to crime syndicates that contaminate e-commerce sites with skimmers.

In recent years, thousands of sites have been hit by hackers that take advantage to run hostile codes. Whenever visitors enter payment card details during a purchase, the code sends that to a hacker-controlled servers.

How hackers enter vulnerable sites

Acoording to wired, the security company, Sansec that found out the newest batch of contaminations said the infected sites were all loading hostile scripts at the domain naturalfreshmall.[.]com.

The company said the skimmer reveals a fake payment popup, defeating a hosted payment form on the website.

According to the firm, the hackers then modified existing files or plant new files that provide about 19 backchannels that they could use to retain control over the sites in event that a hostile script was updated.

Read also

Zuckerberg warns users not to screenshot chats, announces new changes for facebook, instagram, Whatsapp

The only way to fully clean up the site is to know and remove the backchannels before updating the weak CMS that allowed the backchannels in the first place.

5 tips to avoid being scammed by Yahoo Boys online

Legit.ng has reported that the activities of cyber criminals popularly called Yahoo boys have increased in Nigeria recently.

Their targets are not just high net worth persons who are based overseas but local people irrespective of status.

Many Nigerians are more likely to send money to friends and acquaintances using a payment on the smartphone than write a cheque these days.

Source: Legit.ng

Hot:
Online view pixel