Expert On US Local Government Services Targeted By New Magecart Attack

According to researchers, eight cities across three states in the United States have fallen victim to a Magecart card skimming attack. The  compromised sites appear to have been built using Click2Gov, a web-based platform used by local governments to provide services such as community engagement, issues reporting, and online payment for local governments. Residents can use the platform to pay for city services, such as utilities.

Experts Comments

June 29, 2020
Deepak Patel
Security Evangelist
PerimeterX
Attackers continue to exploit web servers to inject skimming code on websites. Any website where users are providing personal information like credentials or payment information is valuable to attackers. While Magecart attackers are getting a lot of visibility, the same techniques can be used to skim any data provided by users on any website. The recent discoveries are just the tip of the iceberg. Such attacks that bypass the web infrastructure of the website owner and typically exploit.....Read More
Attackers continue to exploit web servers to inject skimming code on websites. Any website where users are providing personal information like credentials or payment information is valuable to attackers. While Magecart attackers are getting a lot of visibility, the same techniques can be used to skim any data provided by users on any website. The recent discoveries are just the tip of the iceberg. Such attacks that bypass the web infrastructure of the website owner and typically exploit third-party scripts on the website are only getting started. If your website handles user payment information or any PII data, it is paramount to address these threats by investing in real-time client-side visibility for all the first,- third,- fourth- or fifth-party scripts powering your website.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.