A group of hackers has compromised 4,600 active websites on the web to collect and extract personal and banking data from users. The breach occurred through Picreel, a system used for behavioral and interaction analysis, and Alpaca Forms, an open source platform for creating forms.
The discovery was made by Willem de Groot, founder of Sanguine Security, a company specializing in information security. According to him, the criminals were able to insert malicious code into the two companies' products so that information entered by users in form fields was collected and sent to a server in Panama. The data includes emails, passwords and other access credentials, as well as personal and financial information that may be present in user records.
According to de Groot, the Picreel breach reaches 1,249 sites, while the one in Alpaca Forms is present on 3,435 domains. Complete lists of those affected were provided by Sanguine Security and include important sites such as the Spanish postal service, the Meritus international chain website and even Forbes magazine, as well as Brazilian sites that provide voice over IP subscriptions.
In response, Cloud CMS removed the content delivery system, completely mitigating the problem for those who use Alpaca Forms from its official infrastructure. The company vehemently denied any compromise of its internal systems and reassured its users, stating that no customer data was compromised as a result of the breach.
For ordinary users, it is worth checking the lists provided by Sanguine Security for services that have been used recently. If one is present, the best course is to change passwords on all platforms that share the same credentials; if banking information is involved, pay attention to credit card bills and statements, and keep an eye out for any scam attempts that may come via email, instant messengers, or other means.