Magecart Credit Card Skimmer Found On Nine Sites – Expert Advise

Security researchers have discovered nine new websites infected with malicious JavaScript, attributed to Magecart Group 12, that steals payment card info from online shoppers. The owners of these sites were contacted, none of them replied and the latest check showed that the malicious script was still active on all but one.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Ameet Naik
Ameet Naik , Security Evangelist
InfoSec Expert
February 21, 2020 11:57 am

Magecart attacks are getting more sophisticated, and attackers are taking extra measures to evade detection. PerimeterX researchers recently uncovered another common obfuscation technique used in multiple Magecart attacks and provided a mechanism to de-obfuscate and analyze the malware code.

While researchers uncover more and more active attacks, we see businesses struggle to mitigate these attacks in a timely manner. Magecart infections continue to remain active on websites for weeks or months, compromising credit card data in droves, while financial institutions and other businesses bear the cost of the resulting fraud. While it helps to stay current with security patches and software updates, businesses need to invest in client-side visibility solutions that will proactively alert them about Magecart attacks, and drastically shorten the meantime to mitigation.

Last edited 2 years ago by Ameet Naik
1
0
Would love your thoughts, please comment.x
()
x