For the fourth time in its history, The North Face has notified customers that their account may have been compromised. This time, the company laid blame on a credential stuffing attack.
The North Face is best known for its line of outdoor clothing, footwear, and related equipment. With an annual revenue of over $3 billion, companies like The North Face are on the radar of cybercriminals. The notice from The North Face says: “On April 23, 2025, we discovered unusual activity involving our website, thenorthface.com (“Website”), which we investigated immediately. Following a careful and prompt investigation, we concluded that an attacker had launched a small-scale credential stuffing attack against our Website on April 23, 2025.”
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Emotet malware now steals your email attachments to attack contacts
July 29, 2020
The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails used for infecting targets’ systems. This is the first time the botnet is using stolen attachments to add credibility to emails as Binary Defense threat researcher James Quinn told BleepingComputer. The attachment stealer module code — that also steals email ...
- Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902
July 28, 2020
Following the initial disclosure of two F5 BIG-IP vulnerabilities on the first week of July, we continued monitoring and analyzing the vulnerabilities and other related activities to further understand their severities. Based on the workaround published for CVE-2020-5902, we found an internet of things (IoT) Mirai botnet downloader (detected by Trend Micro as Trojan.SH.MIRAI.BOI) that ...
- Lazarus on the hunt for big game
July 28, 2020
We may only be six months in, but there’s little doubt that 2020 will go down in history as a rather unpleasant year. In the field of cybersecurity, the collective hurt mostly crystallized around the increasing prevalence of targeted ransomware attacks. By investigating a number of these incidents and through discussions with some of our ...
- Cerberus Android malware source code offered for sale for $100,000
July 27, 2020
The maintainer of Cerberus banking trojan for Android is auctioning the entire project for a price starting at $50,000 or close the deal for double the money. The price includes everything from source code to customer list along with installation guide and the scripts to make components work together. For at least one year, the group behind ...
- Garmin obtains decryption key after ransomware attack
July 27, 2020
Smartwatch maker Garmin has obtained the decryption key to recover its computer files from a ransomware attack last Thursday, Sky News has learned. Last week, Garmin’s services were taken offline after hackers infected the company’s networks with a ransomware virus known as WastedLocker. A number of the company’s services are operational again and the business has now ...
- Ensiko: A Webshell With Ransomware Capabilities
July 27, 2020
Ensiko is a PHP web shell with ransomware capabilities that targets various platforms such as Linux, Windows, macOS, or any other platform that has PHP installed. The malware has the capability to remotely control the system and accept commands to perform malicious activities on the infected machine. It can also execute shell commands on an infected ...