French fashion online store Sixth June is offering shoppers more than the latest in men and women streetwear apparel as the site was infected some time ago with code that steals payment card info at checkout. The infosec community typically refers to this type of scripts as MageCart because they initially targeted sites using the Magento e-commerce platform.
They are also called e-skimmers because they collect data from a card when it is used for online purchases. Similar to the physical skimmers copying card data when used at an ATM to withdraw cash, an e-skimmer reads and stores the info from the checkout page and sends it to the attacker.
NEW Magecart attack – Fashion Brand Sixth June. The attack was discovered by RapidSpike's Security Researcher and is still active at this time. #Magecart #Malware #databreach #CyberSecurity #CyberSecMonth https://t.co/mcyf2QvMgo
— RapidSpike (@RapidSpike) October 28, 2019
Commenting on the news are the following security professionals: