Segway Online Store Hacked via Magecart

Researchers have identified a web skimmer on Segway’s online store that enabled threat actors to steal credit cards and customer information when they checked out. Segway is the maker of two-wheeled, self-balancing personal transporters Segway store compromised with Magecart skimmer | Malwarebytes Labs.

Experts Comments

January 26, 2022
Uriel Maimon
Senior Director of Emerging Technologies
PerimeterX

Magecart attackers continue get more creative with their techniques in order to evade detection, especially given advancements in security solutions over the years. By hiding the skimmer script inside a favicon pretending to display the site’s copyright, neither manual code reviews, static code analysis or scanners could have detected this easily. E-commerce businesses need a real-time monitoring solution that detects access to sensitive fields and attempts to exfiltrate personally

.....Read More

Magecart attackers continue get more creative with their techniques in order to evade detection, especially given advancements in security solutions over the years. By hiding the skimmer script inside a favicon pretending to display the site’s copyright, neither manual code reviews, static code analysis or scanners could have detected this easily. E-commerce businesses need a real-time monitoring solution that detects access to sensitive fields and attempts to exfiltrate personally identifiable information from the client side. It is important that users of Magento understand the need to disrupt the web attack lifecycle by stopping the theft of account and identity information from their site, and implement a solution to help do that. Taking action before it is too late will also help prevent damage to the brand’s reputation as well as limit potential liability for non-compliance.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.