ioc[.]one - OSINT Cyber Threat Intelligence Database

Cardbleed: 3% of Magento install base hacked – Sansec

Tags

country:	Russia
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004

Show in Graph

Common Information

Type	Value
UUID	9c2b81b3-0056-4c1d-aac8-e13ae3a7c141
Fingerprint	f8900986fc5fa6fe
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 14, 2020, midnight
Added to db	Oct. 22, 2023, 10:39 p.m.
Last updated	Nov. 17, 2024, 11:40 p.m.
Headline	Cardbleed: 3% of Magento install base hacked
Title	Cardbleed: 3% of Magento install base hacked – Sansec
Detected Hints/Tags/Attributes	35/3/23

Source URLs

	Redirection	Url
Details	Redirection	http://sansec.io/research/cardbleed
Details	Redirection	https://sansec.io/research/cardbleed/
Details	Source	https://sansec.io/research/largest-magento-hack-to-date
Details	Source	https://sansec.io/research/cardbleed

URL Provider

Details	Provider	Source level domain
Details	sansec.io	sansec.io

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	221	✔	Sansec - experts in eCommerce security	https://sansec.io/atom.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	2	mcdnn.net
Details	Domain	2	ajaxcloudflare.com
Details	Domain	2	consoler.in
Details	Domain	2	imags.pw
Details	Domain	2	mcdnn.me
Details	Domain	1	facelook.no
Details	File	5	mysql.php
Details	File	6	prototype.js
Details	File	1206	index.php
Details	File	4	mage.php
Details	File	1	neko.php
Details	File	4	widget.js
Details	File	1	502.jsp
Details	File	3	jet.js
Details	File	4	pixel.js
Details	IPv4	1	92.242.62.210
Details	IPv4	1	91.121.94.121
Details	Url	1	https://imags.pw/502.jsp
Details	Url	2	https://mcdnn.me/121082/assets/js/jet.js
Details	Url	2	https://mcdnn.me/121192/assets/js/jet.js
Details	Url	1	https://mcdnn.net/122002/assets/js/widget.js
Details	Url	1	http://facelook.no/en_us/pixel.js
Details	Url	1	https://consoler.in/502.jsp