The problem lies with version 4.0.30319 of ASP.NET which is no longer officially supported by Microsoft and contains multiple vulnerabilities which makes it easier for attackers to exploit them.
CERT-In has advised websites using ASP.NET web framework and IIS web server to use the latest version and conduct security audits of web application, web server and database server, in addition to checking web server directories regularly for any malicious web shell files and remove them before they can be exploited.
CERT-In refers to a recent Malwarebytes Labs report, which found a known vulnerability (CVE-2017-9248) for ASP.NET that has been exploited recently to steal credit card credentials.
ASP.NET is a widely used web application framework by websites running shopping cart applications. The compromised websites found by Malwarebytes Labs had a shopping cart which was targeted by attackers.
Researchers point out, the skimming campaign started sometime in April.
Due to covid-19 online transactions and payments have increased considerably. This has widened the attack surface for hackers. While CERT-IN's warning was specific to a few websites that were using the outdated web server framework, in another recent instance attackers have been found to be targeting mobile apps to steal card details.
Cybersecurity firm ThreatFabric has recently detected a new malware called BlackRock which has targeted over 337 Android apps.
It uses overlays (fake window) with keylogger functionality on top of a legitimate app prompting users to enter card details to get access into the app. As the users enter the card details the keylogger captures them to forward to attackers.
Subscribe to Mint Newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.
Never miss a story! Stay connected and informed with Mint.
our App Now!!