1,236 Websites Exposed by Researchers to be Infected With Credit Card Stealers

As reported by Bleeping Computer, in just a few weeks, the security researcher Max Kersten collected over 1,000 domains with payment card skimmers. It exposes the reality that MageCart is still a prevalent threat that targets unprotected webshops.

A decade ago, Magecart was first discovered by cybersecurity company RiskIQ. But in the past two years, the attacks have drastically increased hitting large companies like  British AirwaysTicketmasterOXONewegg. That is why automated systems assigned to this threat discovered hundreds of thousands of websites that on checkout pages malicious JavaScript made to rob shoppers of their card data.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Cybersecurity Specialist
InfoSec Expert
May 13, 2020 11:37 am

Web card skimming can be extremely lucrative when it works, which is why cybercriminals are going to great lengths to achieve the perfect digital heist. Once pulled off, it can often be months before the alarm bells ring. At a time like this, many companies may take their eye off the ball, but these threat actors are persistent and will exploit anywhere they can.

The automated nature of these attacks suggests that the code used in the website was not properly secured as the attackers were able to automatically spot which sites had vulnerabilities. This highlights the need for web developers, especially ones dealing with inputs of sensitive information like credit cards, to keep updated for any discovered vulnerabilities to reduce exposure. The likes of Ticketmaster and British Airways have been struck in the past like this so these attackers are clearly aiming big.

Last edited 2 years ago by Jake Moore
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x