Beautydom Commodity website infected with malware
Sunday, April 29, 2018
Beautydom Commodity is a known Chinese manufacturer for Morphe Cosmetics, BH Cosmetics, Shany Cosmetics, Karity Cosmetics, Coastal Scents, and other similar lines. It's not really a secret since import records still show these companies - and others - use Beautydom Commodity for their eyeshadow palettes.
Recently several different beauty companies have had their websites and servers compromised which resulted in severe security breaches. Some of these companies notified the California Attorney General's office and as a result, letters affecting their customers should have been sent out. How these websites were compromised isn't public knowledge and it's possible even they don't know for sure or will ever know for sure but one way a website or server can be compromised is if the user logging in is on an infected system. This leads back to the companies that use Beautydom Commodity to manufacturer their eyeshadow palettes.
![]() |
Google Safe Browsing detecting malware on Beautydom Commodity. |
Beautydom Commodity is a cosmetic manufacturer based in China and recently every time I go to their site Google Safe Browsing stops me due to the fact that they detect malware on the Beautydom website. If their website is indeed compromised it's HIGHLY possible that the folks at BH Cosmetics, Shany, Morphe, Coastal Scents, Karity, and anyone else using Beautydom are at HIGH RISK for having their computer infected which in turn can spread to their websites and servers depending on the type of malware it is, the antivirus programs they use on their computers, the type of security patches their websites and servers have, and the type of malware and virus detection their web hosts have.
Bottomline is this: to the owners and representatives of those companies I mentioned - please inform your contacts at Beautydom Commodity so that they know their website (and server) is compromised. The last thing any of you need is to have your websites and servers compromised as it's easily avoidable. Get this taken care of as soon as possible and check your websites and servers to make sure you're not already compromised.
0 comments