So far, hundreds of affected users have reported suspicious activity on their credit cards to the official Reddit and OnePlus forums. According to many reports, the first fraud attempt was made within a year of the user using a credit card to purchase items from the OnePlus website. Fidus said that although the attacks seem real, their research shows that the OnePlus site has not been corrupted in any way. On the contrary, it shows that the attack may come from the weakest link – Magento e-commerce platform.
Image: thenextweb
The cybersecurity expert said payments integration that had previously been hacked multiple times was often the target of malicious actors. Analysis of the payment process on the OnePlus website shows that the payment page requesting customer card details is hosted on the site, meaning that all payment details entered, though simple, can flow through the OnePlus website and can be intercepted by an attacker.
While payment details are sent to third-party providers when the form is submitted, malicious code can take advantage of one of the windows to steal credit card details before the data is encrypted. While OnePlus has not released an official statement about the incident, moderators in its forums are skeptical about the accuracy of Fidus’s research, arguing that the proposed attack vectors are not consistent with the evidence.
Reference: thenextweb
