Hundreds Of Counterfeit Online Shoe Stores Injected With Credit Card Skimmer – Comments

Malwarebytes researchers have discovered a credit card skimmer injected into hundreds of fraudulent sites selling brand name shoes. Many of these sites have been infected with malware that skims credit card information during the checkout process. All of the sites were running outdated versions of the Magento e-commerce platform and the PHP programming language it utilizes.

Subscribe
Notify of
guest
1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Ameet Naik
Ameet Naik , Security Evangelist
InfoSec Expert
December 12, 2019 2:02 pm

Digital skimming and Magecart attacks are the biggest threat to even legitimate e-commerce sites. Short-lived counterfeit sites simply have no incentive to protect user data like credit card numbers. They use off-the-shelf platforms like Magento to quickly build an e-commerce site, promote it until the inventory runs out and then shut it down. This is a ripe playground for Magecart gangs since there are so few security controls.

By compromising just one platform like Magento, they can infect hundreds of sites without much extra effort. In fact, our research shows multiple Magecart attackers operating on some e-commerce sites at the same time.

Last edited 2 years ago by Ameet Naik
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x