NutriBullet Website Infected by Credit Card-Stealing Malware

Share Article
In Brief
  • Popular blender maker NutriBullet was recently targeted by hackers.

  • The group behind the attack was likely Magecart, and they managed to infect the website with credit card stealing malware.

  • NutriBullet fought each time it was attacked, but the hackers were relentless.

  • promo

    Free Cloud Mining Providers to Mine Bitcoin in 2021

The Trust Project is an international consortium of news organizations building standards of transparency.

New reports indicate that Magecart hackers made their return, with multiple break-ins into the NutriBullet website.



A recent report by security researchers at RiskIQ revealed that popular blender maker NutriBullet was recently targeted by hackers. NutriBullet’s website reportedly suffered several attacks over the course of the last two months. [TechCrunch]



During the attacks, hackers managed to infect it with credit card stealing malware, which was found by researchers on the site’s payment pages. The malware stole data such as credit card numbers, expiry dates, card verification values, users’ names, billing addresses, and the like.

All of the stolen data was scraped and sent to a hacker-owned server, only to be sold to buyers on various dark web marketplaces.

Furthermore, it is also known that NutriBullet fought each time it was attacked, and each time it removed the malicious code that the hackers injected. However, hackers managed to keep accessing the firm’s infrastructure, which allowed them to infect it yet again as recently as last week.

Yonathan Klijnsma, head of research at RiskIQ, recommended that the company’s customers should not use the website until the firm has the chance to perform a complete cleanup. Meanwhile, NutriBullet’s Peter Huh, who acts as a chief information officer, confirmed that the company’s defenses were breached once again.

He said that the firm has launched forensic investigations into the breach and that it is working with online security specialists to prevent further attacks from managing the same. However, Huh did not reveal which firm is assisting NutriBullet.

The group behind the attack is believed to be Magecart, which is actually a hacker group of groups. As far as it is known, each of these groups has its own end-game, but they all mostly use the same approach when performing an attack. So far, there are eight known groups that are focused on stealing credit card data.

Magecart hackers were also known to attack numerous other businesses in the past, including the American Cancer Society, Ticketmaster, Newegg, and British Airways.


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Share Article

Related topics

Ali is a freelance journalist, having 7 years of experience in web journalism and marketing. He contributes to various online publications. Ali holds a master degree in finance and enjoys writing about cryptocurrencies and fintech. Ali's work has been published on a number of well-known publications in crypto and cybersecurity niches. When he is not working, he loves traveling and playing games.

Follow Author

Crypto predictions with the Best Telegram Signal with +70% accuracy!

Join now

Free Cloud Mining Providers to Mine Bitcoin in 2021


How To Mine Cryptocurrency: Beginner’s Guide

Let's Go