report from ZDNet has highlighted that some notorious hackers have been able to breach two services designed for websites. As a result, they’ve infected more than 4,600 websites with malicious code. The two services in question are open source Alpaca Forms and analytics service Picreel. These attacks were first spotted by security researcher Willem de Groot.
With the help of the malicious script, which is still live, the hackers are able to record all the data that’s entered in the form fields. While the exact route of infection remains unknown, it seems that hackers have breached the CDN of Cloud CMS; Cloud CMS developed Alpaca Forms and open sourced it about 8 years ago.
As told to ZDNet, Cloud CMS has intervened and disabled the CDN that was serving the notorious script.
For a better understanding of the risk, let me briefly tell you about the infected projects. The open source Alpaca Forms lets one create interactive HTML5 forms for mobile apps and the web. It makes use of JSON Schema and Handlebars to help you create forms easily.
On the other hand, Picreel tracks the interactions made by website visitors by keeping an eye on their scrolls and mouse movements in real-time. With this data, the website owners can trigger targeted offers and collect leads.
Supply chain attack of the week: @Picreel_
marketing software got hacked last night, their 1200+ customer sites are now leaking data to an exfil server in Panama.
— Willem de Groot (@gwillem) May 12, 2019
Another example of supply chain attack
Also called a third-party or value-chain attack, a supply chain attack takes place when a hacker is able to enter the systems via some outside provider. With the expanding usage of third-party services and data sharing, this attack vector is becoming increasingly common these days. We’ve also seen attacks that involve installing a rootkit or hardware spy components in the devices right in the middle of the manufacturing process.
As per a report from cybersecurity firm Symantec, the supply chain attacks have increased by 78 percent between 2017 and 2018. As such attacks have a very high potential to cause financial damage to an organization, cybersecurity is also becoming an integral part of Supply Chain Management.