A new Recorded Future threat analysis reveals that 300 restaurants and at least 50,000 payment cards have been compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services.
“The online ordering platforms MenuDrive and Harbortouch were targeted by the same Magecart campaign, resulting in e-skimmer infections on 80 restaurants using MenuDrive and 74 using Harbortouch.
“We have identified more than 50,000 payment card records that were skimmed from these 311 restaurants and posted for sale on the dark web.
As the current MenuDrive and Harbortouch infections exist within a subdirectory on the platforms’ domains, many public website security scanners may not discover its presence. Additionally, the appearance of the Harbortouch infection only within the validated checkout webpage may further inhibit public security scanners. These difficulties reinforce the importance of static security scanning of the browser and server-side code of e-commerce websites to ensure attacks such as these are detected and remediated.”