Newegg
In another brazen attack against a major online retailer, the actors behind Magecart have struck the eCommerce operations of the popular computer hardware and electronics retailer Newegg. With this latest attack, newegg.com joins the ranks of high-profile eCommerce websites that have fallen victim to the financial theft group. Based on findings recently published by RiskIQ, Magecart was identified as being responsible for a recently publicized breach claiming upwards of 380,000 victims that had used the British Airways website or mobile application. As it turns out, a nearly identical data theft campaign was being carried out against Newegg at the same time. In fact, it appears the Newegg compromise may have started nearly a week earlier.
newegg
Volexity was able to verify the presence of malicious JavaScript code limited to a page on secure.newegg.com presented during the checkout process at Newegg. The malicious code specifically appeared once when moving to the Billing Information page while checking out. This page, located at the URL , would collect form data, siphoning it back to the attackers over SSL/TLS via the domain neweggstats.com.
Volexity believes that the Newegg website may have been compromised and actively facilitating financial theft for over a month. A key date in the Magecart attacks against Newegg come from the registration data of the neweggstats.com domain. The domain was registered on August 13, 2018 at approximately 16:36 UTC via Namecheap. This indicates the attackers had likely already compromised the Newegg website and were preparing to launch attacks. WHOIS information form the domain shows it was registered with privacy protection.
Through its global sensors network, Volexity was able to confirm attacks via Newegg three days later on August 16, 2018. Based on data that Volexity obtained from its sensor network, it appears the code may have been added somewhere between 15:45 and 20:20 UTC. It is possible that the attackers started earlier, however, Volexity's review of various networks with Newegg transactions earlier in the day and leading up to this time show no connections back to neweggstats.com.
Hello Maryse, we are truly sorry to hear about your dissatisfaction with Newegg. If you would like to leave direct feedback send us an email to community@newegg.com, in that email please include your order number.Thank you,Natalie [Newegg Support]
Hi Paul,That's definitely not okay and I'd like to apologize for you not receiving your item from one of our Marketplace sellers. If you're still in need of assistance, feel free to email us at wecare.service@newegg.com so we can look into this further for you.Thank you,Eva [Newegg Support] 041b061a72