British Airways hackers identified as Ticketmaster attackers

null

The group behind last week's British Airways has been identified by security researchers.

According to the team at RiskIQ, the perpetrators were a collective called Magecart, which is suspected of being behind recent attempts to attack Ticketmaster.

According to the company's press release, it first suspected Magecart was behind the attack after learning that it was web-based. It used its global web-crawling network to “confirm this assumption”.

Comparing the two events, they seem to be almost identical, with one key difference: “instead of compromising commonly used third-party functionality to gain access to hundreds of sites at once, Magecart operatives compromised the British Airways site directly and planned their attack around the site’s unique structure and functionality.”

"This attack is a highly targeted approach compared to what we’ve seen in the past with the Magecart skimmer,” said Yonathan Klijnsma, head researcher at RiskIQ. "This skimmer is attuned to how British Airways’ payment page is set up, which tells us that the attackers carefully considered how to target this site in particular."

Late last week, British Airways was hit with a cyber-attack which left more than 300,000 accounts compromised.

The hackers responsible for the attack were able to obtain the names, street and email addresses, credit card numbers, expiry dates and security codes of the airlines customers which would allow them to steal from their accounts.

Image Credit:  Bychykhin Olexandr / Shutterstock