With malicious code, hackers have the ability to acquire all of them data which are imported into the forms. We do not know exactly how hackers managed to break the services, but there is a suspicion violated the Cloud CMS CDN and modified one of the service scripts. Cloud CMS has developed the open source Alpaca Forms service about 8 years ago.
The attacks were discovered by researcher Willem de Groot. According to information, when Cloud CMS was informed of the violation, it turned off the CDN that served the malicious script.
A few words about broken services
The Alpaca Forms open source service helps create HTML5 forms for mobile applications and the internet. The service offers many features and makes it easy for users to create a form using JSON Schema and Handlebars.
As we said above, the malicious code records the information entered into the forms. Usually it is codes, financial data, payments, and more. He then sends this information to a server located in Panama and controlled by hackers.
Cloud CMS, after disabling the CDN with the malicious script, began research. According to her, there is no problem with Cloud CMS, customers or products.
However, it seems that behind both attacks are the same hackers.
How useful was this post?
Average rating / 5. Vote count:
No votes so far! Be the first to rate this post.