back to article Hackers cop a FILA thousands of UK card deets after slinking onto clothing brand's servers

Sportswear brand FILA is the latest outfit to fall victim to card-stealing JavaScript of the kind that menaced British Airways and Ticketmaster last year. Russian security house Group-IB said it discovered and reported to FILA UK malware known as GMO that was active on the fashion brand's website for the past four months – and …

  1. IneptAdept

    Stop hosting 3rd party libs

    Just for the love of god stop it already

    1. Ragarath
      Joke

      Re: Stop hosting 3rd party libs

      How about we just stop javascript!

    2. Dabooka Silver badge
      FAIL

      Re: Stop hosting 3rd party libs

      It's not exactly a new thing after all, yet the madness persists.

  2. macjules Silver badge

    Wow

    Four separate Bootstrap libraries, 3 captcha libraries and just about 2 of every other library. Someone really does not know about uglification or compression of scripts. FYI Fila https://bytutorial.com/blogs/javascript/how-to-minify-js-and-css-files-using-gulp is a good tutorial on how to minify CSS or JS.

  3. Jon Smit

    Par for the course

    I've given up attempting to tell owners they've got malware running on their sites. Might as well be talking to a brick wall in most cases.

  4. Walter Bishop Silver badge
    Facepalm

    JavaScript intercepts credit card data?

    “One-line card stealing code downloads a JavaScript Sniffer once a customer lands on a checkout page, which intercepts credit card data and sends it to local storage.”

    Demonstrating yet again the unsuitability of using Credit Card numbers for online financial transactions.

    1. Korev Silver badge

      Re: JavaScript intercepts credit card data?

      Out of interest, what would you suggest as a replacement?

      1. NonSSL-Login

        Re: JavaScript intercepts credit card data?

        Single use virtual numbers on each online transaction. It already happens for some of my transactions automatically as my banks systems get invoked too.

  5. Valerion
    Joke

    FILA?

    Judging by who I see wearing their clothing, the card numbers were probably already stolen.

    1. Korev Silver badge
      Coat

      Re: FILA?

      I think you should tracksuit them down...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019