Fullz House
The hacker group Fullz House has successfully hacked the website of Boom! Mobile, which resells mobile phone plans from major carriers. Its e-commerce website has been compromised with malicious JavaScript scripts. The attack aims to steal credit card information.
The attackers used a decoy payment portal to steal payment card information and exfiltrate it as a Base64 encoded GET request. They exploited a vulnerability in PHP version 5.6.40, which is no longer supported by Boom! Mobile. Researchers have traced the group and have noticed several new fraudulent domains. Malwarebytes, a security firm, has also reported an active infection on one of the mobile service provider’s live chat and email channels.
Website design By BotEap.com
Malwarebytes fullz website found that the attackers also injected malware that steals credit card data. The attackers used convincing PayPal iframes to hijack the checkout process on the compromised websites. Malwarebytes has previously detected Fullz House, which has been active in the phishing and skimming space.
Fullz House Hacked the Website of Boom! Mobile
In other news, the company is still unsure if the site of Boom! Mobile is still compromised. It has reached out to the company for comment on the issue. When ZDNet hears back, it will report on further developments. In the meantime, consumers should exercise caution if they plan to shop online.
A hacker group called Fullz House has taken advantage of vulnerabilities on the website of mobile provider Boom! and managed to steal credit card details. They have taken advantage of a vulnerability in PHP version 5.6.40, which has not been supported since January 2019. While experts have tried to notify Boom! Mobile of the compromised website, the mobile provider has yet to respond.
The hacking group has been associated with other attacks on Boom! Mobile, including Magecart. The group has also begun to expand into card-skimming and phishing campaigns, according to researchers. Since the hack, Fullz House has registered a number of fraudulent domains. Malwarebytes has also reported an active infection to the mobile service provider through email and live chat.
The hacker used the base64 encoding method to phish for payment card information. This method is known as a “paypal iframe” attack. It hijacks online stores’ checkout process and steals credit card information. Palo Alto Networks is monitoring the activity of these sites and is investigating a variety of methods.