Fullz House, a hacking group known for skimming (scamming) credit cards, compromised the website of the US mobile virtual network operator (MVNO) "Boom! Mobile" and infected it with a credit card theft script. Boom! Mobile provides US-based customers with prepaid wireless service plans that operate on the nation's largest mobile networks, including AT&T, Verizon and T-Mobile. This type of compromise is known as a MageCart, web skimming or e-skimming attack. The hackers then use these scripts to steal credit card or personal information that customers submit in the sites' e-commerce forms.
According to BleepingComputer, the compromise of the Boom! Mobile site is still ongoing, with the Fullz House group's malicious credit card skimmer active on the company's shopping-cart-based e-commerce platform.
The skimmer collects credit card information from the respective input fields whenever it detects any changes, immediately exfiltrating the collected data as a Base64-encoded GET request.
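The exfiltration pattern described above (card data Base64-encoded into a GET request) can be hunted for in proxy or web gateway logs. The following is an added example, not code from the article or from Malwarebytes; the hosts, parameter names and sample URLs are constructed, and it assumes the request URLs have already been extracted from the logs.

```python
import base64
import re
from urllib.parse import parse_qsl, urlsplit

# Card-number candidate: 13-19 digits, optionally separated by spaces or dashes.
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
B64_RE = re.compile(r"[A-Za-z0-9+/_-]{16,}={0,2}")

def luhn_ok(digits):
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def decode_b64(value):
    """Return decoded text if value is standard or URL-safe Base64, else None."""
    value = value.replace(" ", "+")  # parse_qsl turns a literal '+' into a space
    if not B64_RE.fullmatch(value):
        return None
    body = value.rstrip("=").replace("-", "+").replace("_", "/")
    try:
        raw = base64.b64decode(body + "=" * (-len(body) % 4), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    return raw.decode("utf-8", errors="ignore")

def find_card_exfil(urls):
    """Return (host, parameter) for each Base64 query value hiding a Luhn-valid card number."""
    hits = []
    for url in urls:
        parts = urlsplit(url)
        for name, value in parse_qsl(parts.query):
            text = decode_b64(value) or ""
            numbers = (re.sub(r"[ -]", "", m) for m in PAN_RE.findall(text))
            if any(luhn_ok(n) for n in numbers):
                hits.append((parts.hostname, name))
    return hits

def b64(s):
    return base64.b64encode(s.encode()).decode()

# Constructed sample request URLs (hosts and parameter names are invented).
SAMPLE_URLS = [
    "https://shop.example/search?q=prepaid+plan",
    "https://cdn.example/track?order=" + b64('{"order":"1234567890123456"}'),
    "https://stats.example/ga.js?data=" + b64('{"cc":"4111 1111 1111 1111","cvv":"123"}'),
]
```

Calling `find_card_exfil(SAMPLE_URLS)` flags only the third URL; the Luhn check keeps 16-digit order numbers and other Base64 parameters from raising alerts.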
Although the exact method used by Fullz House to penetrate the Boom! Mobile site with the aim of stealing credit cards is not known, Malwarebytes noticed that the company's site was running version 5.6.40 of PHP, a version that ceased to be supported in January last year.
Malwarebytes reported the security incident it discovered to Boom! Mobile through both live chat and e-mail, but has not received a response from the company so far. Malwarebytes added that Boom! Mobile remains at risk, as do its online shoppers.
Fullz House uses a hybrid skimming/phishing tactic, as discovered by researchers at the digital threat management company RiskIQ. Group members carry out skimming and phishing attacks, targeting bank information and credit card information from both payment provider customers and payments on e-commerce platforms. In addition, they try to develop their own web skimmers instead of relying on skimmers created by others; they disguise them as Google Analytics scripts and load them through a script tag into the compromised online stores.
However, unlike modern skimmers, which collect the data only when customers complete the order, Fullz House skimmer scripts work more like a keylogger, constantly monitoring input fields for changes.
In addition, the skimmer developed by Fullz House also works as a phishing tool: it redirects victims who press the "Buy" button from the breached online store to fraudulent payment sites designed to imitate the payment interfaces of legitimate financial institutions. On this page, victims are asked to enter their payment information, which is sent to the attackers' servers as soon as the "Payment" button is pressed. Victims are then immediately redirected to the store's actual payment processor page to complete the purchase, without knowing that their credit card details have been stolen.