
Attackers compromised Best of the Web Trust Seal to inject keyloggers

  • Best of the Web’s Trust Seal script, which was hosted on Amazon’s content delivery network (CDN), has been compromised by attackers.
  • The Trust Seal script was compromised to deploy two keylogging scripts designed to sniff keystrokes from visitors.

A security researcher named Willem de Groot discovered that Best of the Web’s Trust Seal had been compromised and contained two different keyloggers.

The big picture

Best of the Web’s Trust Seal script, which was hosted on Amazon’s content delivery network (CDN), has been compromised by attackers. The Trust Seal script was compromised to deploy two keylogging scripts designed to sniff keystrokes from visitors.

The security researcher who uncovered the issue notified Best of the Web, and the company responded quickly by fixing the issue. The company also notified all the potentially impacted customers about the incident.

“Earlier today, we were notified that the script we use to display trust seals that we host on Amazon’s content delivery network (CDN) was compromised. We took immediate action to remedy the situation and are in the process of informing those who were affected. We will be conducting a full security audit of our hosted accounts to ensure that this does not happen again,” Best of the Web told BleepingComputer.

What is the impact?

The compromised Trust Seal script is present on hundreds of websites, including xcoins, Custom Equipment Company, Office stationery, and more. The complete list of the websites can be found here.

The keystroke logging scripts uncovered by de Groot were encoded; however, the security researcher managed to decode them.

The company is currently conducting a complete security audit of its hosted accounts to prevent such incidents from happening in the future.
