The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Amazon S3 Bucket

Capital One Hacker Also Accused of Hacking 30 More Companies and CryptoJacking

Capital One Hacker Also Accused of Hacking 30 More Companies and CryptoJacking

August 29, 2019Wang Wei
Former Amazon employee Paige Thompson , who was arrested last month in relation to the Capital One data breach , has been accused of hacking not only the U.S. credit card issuer, but also more than 30 other companies. An indictment unsealed on Wednesday revealed that Thompson not just stole data from misconfigured servers hosted with a cloud-computing company, but also used the computing power of hacked servers to mine for cryptocurrency, a practice commonly known as " Cryptojacking ." Thompson, known online as "erratic," was arrested by the FBI on July 29 concerning a massive breach in Capital One Financial Corp that exposed the personal information of more than 100 million credit card applicants in the United States and 6 million in Canada. The stolen data included approximately 140,000 Social Security numbers and 80,000 bank account numbers linked to United States customers, and 1 million Social Insurance numbers belonged to Canadian citizens, along wit
Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets

Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets

July 10, 2019Swati Khandelwal
Magecart strikes again! Cybersecurity researchers have identified yet another supply-chain attack carried out by payment card hackers against more than 17,000 web domains, which also include websites in the top 2,000 of Alexa rankings. Since Magecart is neither a single group nor a specific malware instead an umbrella term given to all those cyber criminal groups and individuals who inject digital card skimmers on compromised websites, it is not necessary for every one of them to use similar techniques with the same sophistication. A new report shared with The Hacker News prior to its release details a new supply-chain attack campaign wherein hackers are using shotgun approach instead of targeted attacks to infect a wide range of websites, preferring larger infection reach as possible over accuracy. Almost two months ago, security researchers from RiskIQ discovered supply-chain attacks involving credit card skimmers placed on several web-based suppliers, including AdMaxi
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.