Hundreds Of Counterfeit Online Shoe Stores Injected With Credit Card Skimmer – Comments

By   ISBuzz Team
Writer , Information Security Buzz | Dec 12, 2019 05:57 am PST

Malwarebytes researchers have discovered a credit card skimmer injected into hundreds of fraudulent sites selling brand name shoes. Many of these sites have been infected with malware that skims credit card information during the checkout process. All of the sites were running outdated versions of the Magento e-commerce platform and the PHP programming language it utilizes.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Ameet Naik
Ameet Naik , Security Evangelist
December 12, 2019 2:02 pm

Digital skimming and Magecart attacks are the biggest threat to even legitimate e-commerce sites. Short-lived counterfeit sites simply have no incentive to protect user data like credit card numbers. They use off-the-shelf platforms like Magento to quickly build an e-commerce site, promote it until the inventory runs out and then shut it down. This is a ripe playground for Magecart gangs since there are so few security controls.

By compromising just one platform like Magento, they can infect hundreds of sites without much extra effort. In fact, our research shows multiple Magecart attackers operating on some e-commerce sites at the same time.

Last edited 4 years ago by Ameet Naik

Recent Posts

Would love your thoughts, please comment.x