EVGA

Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data

Author
GTXJackBauer
Omnipotent Enthusiast
  • Total Posts : 10323
  • Reward points : 0
  • Joined: 2010/04/19 22:23:25
  • Location: (EVGA Discount) Associate Code : LMD3DNZM9LGK8GJ
  • Status: offline
  • Ribbons : 48
2018/09/19 19:14:39 (permalink)

 
Newegg is investigating a data breach that may have compromised credit card details and other information about its customers, though the full extent of the damage is not yet known.
 
"Yesterday, we learned one of our servers had been injected with malware which may have allowed some of your information to be acquired or accessed by a third party," Newegg CEO Danny Lee states in an email being sent out to potentially affected customers. "The malware was quite sophisticated and we are conducting extensive research to determine exactly what information may have been acquired or accessed and how many customers may have been impacted."
 
In other words, there are more questions than answers at this point, at least from Newegg. According to joint research conducted by RiskIQ and Volexity, however, the culprit is a data hacking group called Magecart. This is the same hacking entity that stole credit card data from British Airways and Ticketmaster.
 
"It’s becoming clear to the industry that these simple yet clever attacks are not only devastating, they’re becoming more and more prevalent. Newegg is just the latest victim," RiskIQ stated in a blog post.
 
Researchers from RiskIQ and Volexity say the attackers installed credit card skimming malware onto Newegg's website. They injected the malicious code into Newegg's payment processing page, basically hiding in plain sight for more than a month, the researchers say.
 
The stolen credit card data was then sent to a drop server on a domain the hackers had registered, initially parked at neweggstats.com. They obtained a security certificate for the site from Comodo so that it appeared legitimate.
 
"Around August 14th, the attackers placed the skimmer code on Newegg, managing to integrate it into the checkout process and achieve their goal of disguising it well," RiskIQ says.
 
If you've purchased anything at Newegg from on or around August 14 to September 18 this year, at minimum you should keep an eye on your credit card account, as Newegg suggests. It would be even better to request a new card with a new number.
 
Newegg is planning to publish a related FAQ by Friday that will hopefully address exactly what data was compromised, and how many customers were affected.
 

 
Source
 
Well isn't that just swell.  I would caution those that used Newegg for pre-orders.  Pass the word around, including friends that might have been affected during that time period.
 
Edit: I completely forgot how I made a purchase from them end of last month. OMG lol. I hope since I used PayPal to make the payment, that I think it might be safe to say, I might be ok but not sure if I'm out of the woods yet.
post edited by GTXJackBauer - 2018/09/20 20:43:45

#1


    Cool GTX
    EVGA Forum Moderator
    • Total Posts : 30974
    • Reward points : 0
    • Joined: 2010/12/12 14:22:25
    • Location: Folding for the Greater Good
    • Status: offline
    • Ribbons : 122
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/19 19:24:35 (permalink)
    Thanks for posting this
     
    Repost of the key information from the OP's post is below for clarity
     
    If you've purchased anything at Newegg from on or around August 14 to September 18 this year, at minimum you should keep an eye on your credit card account, as Newegg suggests. It would be even better to request a new card with a new number.



    #2
    SethH
    Superclocked Member
    • Total Posts : 228
    • Reward points : 0
    • Joined: 2013/03/12 18:12:47
    • Status: offline
    • Ribbons : 2
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/19 20:12:14 (permalink)
    Cool GTX
    Thanks for posting this
     
    Repost of the key information from the OP's post is below for clarity
     
    If you've purchased anything at Newegg from on or around August 14 to September 18 this year, at minimum you should keep an eye on your credit card account, as Newegg suggests. It would be even better to request a new card with a new number.




    Lol I haven't purchased anything from Newegg since they gave out a bunch of customer information to the gov't. Looks like this was a small window of time so hopefully not too many are affected. This could've been waaaaay way worse.
    #3
    notfordman
    Omnipotent Enthusiast
    • Total Posts : 10345
    • Reward points : 0
    • Joined: 2007/08/09 23:52:23
    • Location: In a van, down by the
    • Status: offline
    • Ribbons : 28
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/19 20:33:40 (permalink)
    Wonderful! Thanks for posting GTXjack.  
    Hackers 
    #4
    kram36
    The Destroyer
    • Total Posts : 21477
    • Reward points : 0
    • Joined: 2009/10/27 19:00:58
    • Location: United States
    • Status: offline
    • Ribbons : 72
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 00:12:50 (permalink)
    Great, I used my bank card at Newegg on Sept 5th.
    #5
    transdogmifier
    CLASSIFIED ULTRA Member
    • Total Posts : 6116
    • Reward points : 0
    • Joined: 2003/09/05 14:26:21
    • Location: Orlando, Fl
    • Status: offline
    • Ribbons : 17
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 03:20:41 (permalink)
    kram36
    Great, I used my bank card at Newegg on Sept 5th.




     
    Time to check it, and request a new card....eesh...I used my newegg credit card during that time frame..
     

    #6
    kram36
    The Destroyer
    • Total Posts : 21477
    • Reward points : 0
    • Joined: 2009/10/27 19:00:58
    • Location: United States
    • Status: offline
    • Ribbons : 72
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 03:54:37 (permalink)
    Why didn't Newegg send an email notice to us so that we would know about this?
    #7
    Vlada011
    Omnipotent Enthusiast
    • Total Posts : 10257
    • Reward points : 0
    • Joined: 2012/03/25 00:14:05
    • Location: Belgrade-Serbia
    • Status: offline
    • Ribbons : 11
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 03:55:38 (permalink)
    Russians. 

    Again.

    #8
    Bobmitch
    Omnipotent Enthusiast
    • Total Posts : 8327
    • Reward points : 0
    • Joined: 2007/05/07 09:36:29
    • Status: offline
    • Ribbons : 47
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 06:17:18 (permalink)
    Thanks for the heads up!  Luckily, I haven't purchased anything from the Egg in months...but I did remove my card on file from their database...



    #9
    kram36
    The Destroyer
    • Total Posts : 21477
    • Reward points : 0
    • Joined: 2009/10/27 19:00:58
    • Location: United States
    • Status: offline
    • Ribbons : 72
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 06:17:36 (permalink)
    Vlada011
    Russians. 

    Again.


    You been watching too much CNN?
    #10
    bdary
    Omnipotent Enthusiast
    • Total Posts : 10327
    • Reward points : 0
    • Joined: 2008/04/25 14:08:16
    • Location: Florida
    • Status: offline
    • Ribbons : 116
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 06:32:20 (permalink)
    bobmitch
    Thanks for the heads up!  Luckily, I haven't purchased anything from the Egg in months...but I did remove my card on file from their database...


    Good idea removing your card.  I'm going to do the same.  Haven't purchased anything since June...


     
     
     
     
     
     
     
     
     
    #11
    aka_STEVE_b
    EGC Admin
    • Total Posts : 17692
    • Reward points : 0
    • Joined: 2006/02/26 06:45:46
    • Location: OH
    • Status: offline
    • Ribbons : 69
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 07:07:40 (permalink)
    Yeah, real nice they keep sending sale emails every day BUT NOTHING about this issue ......???..
     
     

    #12
    GTXJackBauer
    Omnipotent Enthusiast
    • Total Posts : 10323
    • Reward points : 0
    • Joined: 2010/04/19 22:23:25
    • Location: (EVGA Discount) Associate Code : LMD3DNZM9LGK8GJ
    • Status: offline
    • Ribbons : 48
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 08:41:42 (permalink)
    If you had your CC on file with them, I would highly advise on a cancelation and a renewal of said CC as I feel at this point it's most likely been compromised.
     
    My next worry is if the Usernames and Passwords were compromised.  Hope to hear something from them soon.
    post edited by GTXJackBauer - 2018/09/20 08:44:40

    #13
    ty_ger07
    Insert Custom Title Here
    • Total Posts : 21170
    • Reward points : 0
    • Joined: 2008/04/10 23:48:15
    • Location: traveler
    • Status: offline
    • Ribbons : 270
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/20 11:39:49 (permalink)
    GTXJackBauer
    My next worry is if the Usernames and Passwords were compromised.

    Passwords should always be safe for any proper website. The worst they should be able to obtain are password hashes which are next to useless. A password hash is the result of a convoluted mathematical operation which can confirm that an entered password produces the same hash result, but should be completely unfeasible to calculate backwards.

    I could give you one of my password hashes, and unless we ever design a computer able to efficiently run Shor's Algorithm, it should take you until after the heat death of our universe to find the password which matches the hash. If we ever design a proper quantum computer able to run Shor's Algorithm, the entire infrastructure of the internet will crumble and everything which was private will no longer be private; so your Newegg password will be the least of your worries at that point.

    But, that isn't to say that a 6-digit password like admin1 can't be brute forced in less than a second. But, that is a different thing entirely (user error).

    Here is a bcrypt password hash.
    $2y$18$Y82pRJSRcwVaA3t/PqBAiO6ZYuIFrpsldy9mMqw2wwjd25c3cQMm.

    Good luck!

    The trick is that your password should not be stored anywhere on the website and therefore it isn't possible to leak the password. A website should never know your password. The website should only be able to determine if the password you just entered is the same as the password you entered previously because the hash result is the same.

    The mind-blowing truth is that, assuming that a website accepts infinitely long password entries, there are infinitely many passwords which would be acceptable for your password hash. So, an acceptable password could be found which is nowhere similar to your true password. But the thing is that it should be nearly infinitely hard to find any of those password solutions and is therefore unfeasible to crack your password given a known password hash result.

    It's only when websites pay absolutely no attention to modern good security practices that it is possible to leak passwords. And when that happens, the website owners deserve it.

    There are many different kinds of hashing algorithms, but these videos should give you a great overview of their general principles. Please watch. They are very good videos and well worth 30 minutes of your time. I can provide many more, if interested.


     




    One way quantum computers could be extremely powerful for cracking encryption (and why presently existing Quantum Annealer computers aren't truly quantum computers):



    Why users should pick good passwords (in case the developers are lazy) and why developers should stay current with modern security practices such as salted hashes (showcases how broken MD5 is):


    post edited by ty_ger07 - 2018/09/23 17:55:40


    #14
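The store-a-hash, compare-on-login scheme described in the post above, as an added Python example that is not part of the thread: it splits the posted bcrypt string into its fields and verifies passwords against salted records. PBKDF2-HMAC-SHA256 from the standard library stands in for bcrypt (which needs a third-party package); the record layout, function names and sample passwords are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import re

# bcrypt modular-crypt layout: $<version>$<cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"^\$(2[abxy]?)\$(\d\d)\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$")


def parse_bcrypt(encoded):
    """Split a bcrypt string into its fields; cost is the log2 work factor."""
    m = BCRYPT_RE.match(encoded)
    if m is None:
        raise ValueError("not a bcrypt hash string")
    version, cost, salt, digest = m.groups()
    return {"version": version, "cost": int(cost), "rounds": 2 ** int(cost),
            "salt": salt, "digest": digest}


def hash_password(password, iterations=600_000):
    """Build a record holding only scheme, work factor, random salt and digest."""
    salt = os.urandom(16)  # fresh per user, so equal passwords get different records
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password, record):
    """Recompute the digest with the stored salt and compare in constant time."""
    try:
        scheme, iterations, salt_hex, dk_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record
    if scheme != "pbkdf2_sha256" or rounds < 1:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(candidate, expected)


def audit_record(record, common_passwords):
    """Defender-side check: is the record's password on a list of known-weak choices?"""
    return next((p for p in common_passwords if verify_password(p, record)), None)


if __name__ == "__main__":
    posted = "$2y$18$Y82pRJSRcwVaA3t/PqBAiO6ZYuIFrpsldy9mMqw2wwjd25c3cQMm."  # from the post
    print(parse_bcrypt(posted))
    rec = hash_password("admin1", iterations=50_000)  # constructed weak password
    print(rec, audit_record(rec, ["123456", "password", "admin1"]))
```

The cost field of 18 in the posted string means 2^18 key-expansion rounds per guess, which is what makes each verification attempt deliberately slow.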
    Dave3d
    SSC Member
    • Total Posts : 720
    • Reward points : 0
    • Joined: 2008/09/04 13:20:44
    • Status: offline
    • Ribbons : 1
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/22 18:03:29 (permalink)
    OMG!
    I just bought a card from them yesterday!
    I hope they didn't inject anything else that WASN'T found!
    :(
     
    Amazon FTW from now on lol/JK.

    #15
    09973
    iCX Member
    • Total Posts : 474
    • Reward points : 0
    • Joined: 2008/01/10 11:05:19
    • Status: offline
    • Ribbons : 2
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/23 16:58:18 (permalink)
    This exact reason is why I encourage usage of PayPal when possible!! Not that it is a completely safe option; it just makes it harder for them haxors to get my payment info, but still never impossible

    #16
    Hoggle
    EVGA Forum Moderator
    • Total Posts : 10101
    • Reward points : 0
    • Joined: 2003/10/13 22:10:45
    • Location: Eugene, OR
    • Status: offline
    • Ribbons : 4
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/23 17:16:19 (permalink)
    09973
    This exact reason is why I encourage usage of PayPal when possible!! Not that it is a completely safe option; it just makes it harder for them haxors to get my payment info, but still never impossible




    Too bad it's not 100% safe to use PayPal since less than a year ago Congress wanted information on how PayPal got breached.

    #17
    KLEYBA
    SSC Member
    • Total Posts : 936
    • Reward points : 0
    • Joined: 2005/01/30 15:53:56
    • Status: offline
    • Ribbons : 12
    Re: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data 2018/09/23 17:26:58 (permalink)
    thanx for the info. I too bought from newegg within the time frame. great. now I need to redo my card.
    #18