The RiskIQ researcher analyzed the code from the BA website and the app when they broke the end of August.
He has claimed that the “skimming” script is designed to steal financial information from online payment forms.
BA said it was unable to comment.
A similar similar attack by a group of Magecart sinked, recently ticketed the master’s website, in which RiskIQ also analyzed it.
The company said that the code found on the CA site was very similar, but it appears that the airline site was designed.
This special scanner indicates a very high indication of how to set up a British Airways payment page, which tells us that the invaders are carefully considered to be rather than regularly used for regular marketing schemes injection. How to target the site. “The investigation wrote in the results of a report.
“The infrastructure used in this attack was kept in mind with British Airways and according to them, they were well-equipped scripts that would meet with general payment processing to prevent detection. ”
Such a hack uses a fast-moving trend, which has many pieces of large web sites code than many other sources or third-party suppliers.
This type of code may be necessary for a specific job, such as the user’s payment or payment of the user’s permission. But unfortunately the code can be flipped instead – it is known as supply chain attack.
In the BA case, hackers have stolen names, email addresses and credit card details – long-term, expiration date and three-digit CVV security codes.
In a statement, BA said “as it is a criminal investigation, we are not able to comment on it.”
The British National Crime Agency spokeswoman said it was aware of the threat, but would not comment on this.
RiskIQ said the abusive script code contains just 22 lines. He worked by holding data from the CA online payment form, and then the customers sent hackers to the server after the “Collect” button hit.
The cyber security firm further said the invaders have also helped to collect data from mobile app users clearly because the same script is full of mentioning government tax and carrier allegations in the app. Had happened
“This page [[in app] is created with … the ingredients as a real web site, meaning that according to the design and functionality, it is the overall match,” the RiskIQ report noted.
RiskIQ is recommended that a disadvantaged BA users get a new debit or credit card from their bank.
The firm pointed out that behind the attack, he decided to target specific brands clearly and most of the similar nature was violated.
Cyber security expert Kevin Beomont told the BBC: “There is a very obvious threat, where the most vulnerable link in the payment process is being actively targeted.”
“And this weakest link in China often puts the old system or third-party code in the payment chain.”
Oxford University cyber security researchers Andrew Daveev added that the invaders have seen their “extraordinary length” so that the code should be put on the CA site.
According to RiskIQ, they also acquired a secure socket layer (SSL) certificate – which consults with web browsers, is not always accurate, that the web page is safe to use.
If it was really true how to attack, adding, there are ways to prevent third-party code of data from sensitive web pages.
He told the BBC that “BA might be able to see it.”