According to a new report, these attacks were designed to redirect traffic directed at the payment processors to servers controlled by malicious actors who would then attempt to steal the data.
The attacks were spotted by Oracle and appeared on different dates in July 2018. The first attack started on July 6th 2018 with a short duration attack that attempted to reroute some network prefixes or blocks of IP addresses, Bleeping Computer has cited Oracle. These attacks were targeting the Vantiv and Datawire payment processing companies.
On July 10th another attack was conducted that tried to reroute the same prefixes, but according to Oracle, this time it lasted for 30 minutes. The attackers conducted further hijacks throughout July 2018, including one attack on Mercury Payment Systems and another attack on Vantiv and Datawire that lasted as long as 3 hours.
Oracle thinks this may be just the beginning of these types of attacks.
Bleeping Computer has reached out to Vantiv, and Datawire for comment, but had not heard back at the time of this publication.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now