Hundreds Of Counterfeit Online Shoe Stores Injected With Credit Card Skimmer – Comments

Malwarebytes researchers have discovered a credit card skimmer injected into hundreds of fraudulent sites selling brand name shoes. Many of these sites have been infected with malware that skims credit card information during the checkout process. All of the sites were running outdated versions of the Magento e-commerce platform and the PHP programming language it utilizes.

Experts Comments

December 12, 2019
Ameet Naik
Security Evangelist
PerimeterX
Digital skimming and Magecart attacks are the biggest threat to even legitimate e-commerce sites. Short-lived counterfeit sites simply have no incentive to protect user data like credit card numbers. They use off-the-shelf platforms like Magento to quickly build an e-commerce site, promote it until the inventory runs out and then shut it down. This is a ripe playground for Magecart gangs since there are so few security controls. By compromising just one platform like Magento, they can.....Read More
Digital skimming and Magecart attacks are the biggest threat to even legitimate e-commerce sites. Short-lived counterfeit sites simply have no incentive to protect user data like credit card numbers. They use off-the-shelf platforms like Magento to quickly build an e-commerce site, promote it until the inventory runs out and then shut it down. This is a ripe playground for Magecart gangs since there are so few security controls. By compromising just one platform like Magento, they can infect hundreds of sites without much extra effort. In fact, our research shows multiple Magecart attackers operating on some e-commerce sites at the same time.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT
Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts