Hackers recently gained access to dashboards used to remotely manage and control thousands of credit card payment terminals manufactured by digital payments giant Wiseasy, according to a cybersecurity startup. Wiseasy makes popular Android-based payment terminals used in restaurants, hotels, retail outlets, and schools across the Asia-Pacific region. Through its Wisecloud cloud service, Wiseasy can remotely manage, configure and update customer terminals over the internet.
Wiseasy’s Employee Passwords Used to Access Payment Terminals Were Found on Dark Web
Recently, Wiseasy employee passwords used for accessing Wiseasy’s cloud dashboards were found on a dark web marketplace actively used by cybercriminals, according to the startup. Youssef Mohamed, chief technology officer at pen-testing and dark web monitoring startup Buguard, said that the passwords were stolen by malware on the employee’s computers.
Mohamed said two cloud dashboards were exposed, and neither was protected with basic security features like two-factor authentication, which allowed hackers to access nearly 140,000 Wiseasy payment terminals around the world. Payment systems are frequently targeted by financially driven hackers aiming to skim credit card numbers to commit fraud.
The Startup Has Not Yet Commented on the Securing of the Cloud Dashboards
Buguard said it first contacted Wiseasy about the compromised dashboards in early July, but efforts to disclose the compromise were met with meetings with executives that were later canceled without warning, and according to Mohamed, the company declined to say if or when the cloud dashboards would be secured.
Screenshots of the dashboards show an “admin” user with remote access to Wiseasy payment terminals, including the ability to lock the device and remotely install and remove apps. The dashboard also allowed anyone to view names, phone numbers, email addresses, and access permissions for Wiseasy dashboard users, including the ability to add new users.