News Keeper group hacked 570 online stores in three years


Jun 28, 2020
Reaction score
Cybercriminals also accidentally left in the public domain more than 184 thousand stolen payment card data.


Over the past three years, the Keeper cybercrime group has carried out about 570 hacking e-commerce sites. Attackers cracked the backends of online stores, changed their source code and introduced malicious scripts that stole payment card data entered by customers on the order form.

As reportedspecialists from Gemini Advisory, Keeper began her criminal activity at least in April 2017 and now also remains active. Experts were able to track the activities of the group, since Keeper used the same control panels for internal servers, where they collected the stolen data of payment cards of customers of hacked stores. The experts got access to the addresses of the server panels, malicious URLs used to host the software infrastructure, as well as a list of hacked online stores into which Keeper embedded its scripts.

Nearly 85% of the 570 hacked stores operated on the Magento e-commerce management platform.

According to experts, the criminals did not properly protect one of their internal panels, where hackers sent the stolen payment card data. Cybercriminals managed to steal about 184 thousand data of payment cards from July 2018 to April 2019. For all the time of their activity, the attackers managed to steal about 700 thousand data of payment cards. According to experts, Keeper earned more than $ 7 million through her criminal actions.
Top Bottom