Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity News

Skimmer supply chain attack targets 100 Sotheby’s real estate sites

supply-chain-freepik (1).jpg
January 7, 2022

A new web skimmer campaign has targeted real estate websites by attacking the cloud video distribution supply chain, according to Unit 42 research.


Often, supply chain networks are targets since controlling a weak link in the supply chain allows attackers access to more victims, especially when the weak link is the source of the supply chain. In this case, the attacker injected the skimmer JavaScript codes into the video, so whenever others import the footage, their websites get embedded with skimmer codes.


Hank Schless, Senior Manager, Security Solutions at Lookout, an endpoint-to-cloud security company, explains, “By injecting malicious code into front-end web pages, formjacking campaigns are a common way for threat actors to steal sensitive data. Since the actor can customize the malicious form, they could easily slip into a field that’s tangentially aligned with the host website’s actual intention. For example, in this incident with a real estate site, the attacker could ask for all of the basic information but add a line for the user’s social security number to validate their credit. This same tactic could be used to swipe corporate login credentials from employees. Creating a fake login form would be just as straightforward as any other data-collecting form.”


Unit 42 researchers detected more than 100 real estate sites that were compromised by the same skimmer attack. After analysis, researchers found that all the compromised sites belong to one parent company, Sotheby’s. All these compromised sites are importing the same video (accompanied by malicious scripts) from a cloud video platform.


The compromise-one-to-compromise-many is an emerging tactic across commodity malware and low-level cybercriminals. The problem is rooted in how interconnected our digital systems have become, says Davis McCarthy, Principal Security Researcher at Valtix, a cloud-native network security services provider. “Detecting supply chain compromise in the cloud is difficult because visibility isn’t shared equally across all involved parties; the account holder, the SaaS provider, the compromised website owner, and the victimized end user. Abuse is injected into the trust inherited by each party leading to a massive visibility gap. Across the board, detecting abnormal authentication events, monitoring for suspicious domain queries, leveraging threat intelligence to prevent known threats, and auditing deployed services can aid in mitigating this level of compromise.”


Regardless of the intent, Schless says, the greater lesson in this incident is that it’s necessary to know who has access to your cloud-based assets and how users interact with data. He adds, “Whether it’s a front-end webpage or sensitive data stored in your back-end infrastructure, visibility is king. As every organization expands its web and cloud-based presence, they need to be sure that security is part of developing and managing these modern assets. Integrating security into the mindset of every team will benefit the organization as a whole, and implementing the right solutions that protect your employees, users, and data without increasing operational complexity is a key aspect of any modern security strategy.”


In 2018, Sotheby’s revealed that its website had been infected with magecart for 19 months, and also admitted the attack period could have been even longer than 19 months. Nadav Levy, senior product manager of Cyberpion, says, “It is clear that Sotheby’s didn’t fully rectify the situation since their initial Magecart attack in 2018. Formjacking a very common and effective technique in supply chain attacks. Now more than ever, it is critical for companies to continually monitor their supply chains to prevent repeat attacks. In addition, companies need to periodically load their scripts to check if they have been manipulated. They should also inspect to see if scripts are being added to pages and then report or block unintended behavior.”

KEYWORDS: cyber security information security risk management supply chain

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Person working on laptop

Governance in the Age of Citizen Developers and AI

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • software supply chain

    $9 million research grant targets software supply chain security

    See More
  • ransomware-attack freepik

    Up to 1500 businesses affected by Kaseya supply chain ransomware attack

    See More
  • Blue spun connections

    Software supply chain experiences almost 1 attack every 2 days

    See More

Events

View AllSubmit An Event
  • August 27, 2025

    Risk Mitigation as a Competitive Edge

    In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing