Tech »  Topic »  European Space Agency hack sees official store hijacked to steal customer details

European Space Agency hack sees official store hijacked to steal customer details

14 hours ago   techradar.com
  • Security researchers found a malicious script on ESA's web shop
  • The script creates a fake Stripe page at checkout, grabbing payment data
  • The shop is currently unavailable

The website of the European Space Agency (ESA) was recently compromised with a credit card skimmer, putting countless people at risk of wire fraud.

Researchers from Sansec spotted a malicious script on ESA’s web shop, and determined it creates a fake Stripe payment page at checkout, where it collects customer information.

Payment data, including sensitive credit card information, was also being gathered, making this attack particularly dangerous.

Out of ESA's hands?

The sensitive data was harvested and sent to a domain with the same name as ESA’s legitimate one, BleepingComputer reports. The top-level domain, however, was different as instead of the usual .com TLD, the domain here was .pics.

As soon as Sansec spotted the attack, it notified ESA ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE