Patrons of the National Republican Senatorial Committee's merchandise, such as #NeverHillary stickers or Make America Great Again wristbands, may be in for a nasty surprise. Why? Well, there's a pretty good chance that credit card details from these transactions are being sold online by Russian hackers right now.
The complete list of sites he discovered ran the gamut from niche, hardly-trafficked storefronts like throwingknives.co.uk all the way up to major ergonomic kitchen gadget-maker OXO. And of course, the NRSC, which was infected with card-swiping malware for a full six months.
In fairness, the NRSC patched its compromised store shortly after de Groot published his blog post. However, the more difficult issue is tracking down the hackers who had thusly swiped data from unsuspecting buyers of #NeverHillary stickers or a Make America Great Again wristband. De Groot was able to follow the skimmed data to a Russian site registered in Belize, and he estimates the total black market value of harvested information from GOP donors is roughly $US600,000 ($786,885). It's unclear if the hackers have already sold the data.
The lesson here is no matter what stupid shit you buy online, at some point, your credit card will probably end up on Alphabay.