topic Re: Malware dormant for 6 years (how does this happen?) in Tech Talk

Malware dormant for 6 years (how does this happen?)

ErikCamacho — Thu, 08 May 2025 01:10:44 GMT

I read this morning an article posted by TLDR that hundreds of e-commerce sites hacked in supply chain attack...

"The infections are the result of a supply-chain attack that compromised at least three software providers with malware that remained dormant for six years and became active only in the last few weeks."

How does this happen? 😱

Source:

Hundreds of e-commerce sites hacked in supply-chain attack

Re: Malware dormant for 6 years (how does this happen?)

Steve-Wilme — Thu, 08 May 2025 09:08:49 GMT

And this is why PCI DSS v4.0.1 has an additional control 11.6.1 for merchants to implement mechanisms to detect tampering to scripts that execute within customer browsers.

Re: Malware dormant for 6 years (how does this happen?)

ErikCamacho — Thu, 08 May 2025 15:14:41 GMT

Yikes, it sounds like they were either concerned about processing the payments without concern for consumers, or some folks were sleeping on the job.

This is not my background, but a solution is spelled out.

Guidance-for-PCI-DSS-Requirements-6_4_3-and-11_6_1-r1.pdf

Re: Malware dormant for 6 years (how does this happen?)

dcontesti — Thu, 08 May 2025 20:21:53 GMT

Unfortunately, malware being dormant is not new to the industry. We have seen malware lie dormant waiting for a specific date or time, or even only being active on specific platforms.

There is a lot of intelligence built into some malware.

Re: Malware dormant for 6 years (how does this happen?)

eclipse_8 — Wed, 28 May 2025 11:45:18 GMT

That's a very patient logic bomb 😮.

Re: Malware dormant for 6 years (how does this happen?)

ErikCamacho — Fri, 30 May 2025 00:49:01 GMT

I hear that patience is a virtue 🤔 maybe not so much here.