WASHINGTON—A new report indicates that hackers infiltrated a website used to fund the campaigns of Republican senators and for more than six months collected donors' personal information, including full names, addresses, and credit card data.
ARS Technica reported that the storefront for the National Republican Senatorial Committee was one of about 5,900 e-commerce platforms recently found to be compromised by malicious skimming software.
The website stated that the NSRC site was infected from March 16 to Oct. 5 by malware that sent donors' credit card data to attacker-controlled domains. One of the addresses—jquery-code.su—is hosted by dataflow.su, a service that provides so-called bulletproof hosting to money launderers, sellers of synthetic drugs and stolen credit card data, and other providers of illicit wares or services.
Researcher and developer Willem de Groot De Groot, in website post, stated that it's not clear how many credit cards were compromised over the six months the site was infected, ARS Technica reported, adding that based on data from TrafficEstimates, the NRSC site received about 350,000 visits per month.
“Assuming 1% of those visits involved the visitor using a credit card, that would translate to 3,500 transactions per month, or about 21,000 transactions over the time the site was compromised. Assuming a black market value of $4 to $21 per compromised card, the crooks behind the hack may have generated revenue of $600,000,” ARS Technica reported.
"This clever form of card skimming has been going for a while, at least since March," said de Groot. "The culprits are hiding behind a shell company in Belize. Their business is growing rapidly."