Connect with us

Hackers Manage To Steal Sensitive Data From 4,600 Sites

Image Credit: ZDNet

Nothing like a little healthy paranoia to make your weekend interesting.

If you needed another reason to keep your passwords different per website, we’ve got one right here for you.

A massive cyber attack occurred this week as hackers managed to insert malware into the code used by Picreel and open-source Alpaca Forms, both commonly utilized by various websites. The attack resulted in over 4,600 websites being put at risk of having their users’ payment data and passwords stolen.

The first part of the hack consisted of the hacking of Picreel, which affected more than 1,200 websites. A CloudCMS hack also occurred, this one affecting 3,400 websites. The incidents were revealed by researcher Willem de Groot on Twitter.

However, CloudCMS replied to the tweet, saying that the incident only affected the open-source project Alpaca Forms. “We investigated this. It wasn’t related to Cloud CMS but rather to the Alpaca forms open source project.”

CloudCMS also gave a probable explanation as to how the hack happened. “The Alpaca CDN was origin backed. It seems like a basic httpd known vulnerability they may have exploited.”

As of writing, CloudCMS has already begun removing the infected JavaScript files from the affected websites. Still, may this serve as a lesson to everyone to always keep their accounts as secure as possible and to never reuse passwords in different websites.