Dismiss this notice
EaseUS Data Recovery Wizard Professional Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
Softland's Backup4all Professional and novaPDF Professional Blowout! - [Only registered and activated users can see links Click here to register]

Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Magecart Attack Impacts More Than 10K Online Shoppers
#1
Information 
Quote:One of the largest known Magecart campaigns to date took place over the weekend, with nearly 2,000 e-commerce sites hacked in an automated campaign that may be linked to a zero-day exploit. The attacks have impacted tens of thousands of customers, who had their credit-card and other information stolen, researchers said.
 
According to Sansec Threat Intelligence, online stores running Magento versions 1 and 2 are being targeted in a classic Magecart attack pattern, where e-commerce sites are hacked, either via a common vulnerability or stolen credentials. If a compromise is successful, merchant websites are then injected with a web skimmer, which surreptitiously exfiltrates personal and banking information entered by customers during the online checkout process.
 
The firm’s telemetry picked up “1904 distinct Magento stores with a unique keylogger (skimmer) on the checkout page,” the firm said [Only registered and activated users can see links Click here to register] on Monday. “On Friday, 10 stores got infected, then 1058 on Saturday, 603 on Sunday and 233 today….Most stores were running Magento version 1, which was announced end-of-life last June. However, some stores were running Magento 2.”

In delving into the campaign, Sansec researchers were able to determine that many victimized stores had no prior history of security incidents; and, they speculated that the attacks may be linked to a $5,000 Magento exploit that went up for sale in August in underground forums. The zero-day allows a brand-new avenue to gaining server (write) access to fully patched websites.

Read more: [Only registered and activated users can see links Click here to register]
[-] The following 1 user Likes silversurfer's post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username:


Password:





[-]
Recent Posts
InterPlanetary Storm Botnet Infects 13K ...
A new variant of th...silversurfer — 17:14
OAuth Consent Phishing Ramps Up with Mic...
An APT known as TA...silversurfer — 17:12
Facebook Small Business Grants Spark Ide...
Cybercriminals are...silversurfer — 17:10
Microsoft Exchange Servers Still Open to...
Over half of expos...silversurfer — 17:09
Android Spyware Variant Snoops on WhatsA...
Researchers say the...silversurfer — 17:06

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (42)Michaelaceve
avatar (32)QuadirLigh
avatar (33)Mblippek
avatar (36)guerigGep
avatar (39)viecontAceve
avatar (44)wohnkwagVib
avatar (39)Michaelsen
avatar (40)citygon
avatar (32)armaMIZ
avatar (43)lambrnag
avatar (44)AlbertDig
avatar (44)beipHit
avatar (40)Wendigortup
avatar (33)Timothynet
avatar (36)MichaelHig
avatar (32)icebywiwy
avatar (40)Cameronreoxy
avatar (36)BrendaRusia
avatar (43)Konradsuiz
avatar (33)haupeadvoge
avatar (37)RobertBrura
avatar (42)maggiebz16
avatar (33)MarthaWes
avatar (42)vikgoMam
avatar (35)Michaelcrini
avatar (33)DonaldSoM

[-]
Online Staff
There are no staff members currently online.

>