Magecart Hits Parents and Students via Blue Bear Attack
The latest attack takes aim at a vertical-specific e-commerce platform. Continue reading Magecart Hits Parents and Students via Blue Bear Attack
Category Archives: card skimming
Magecart Group Switches Up Tactics with MiTM, Phishing
This new skimming/phishing hybrid threat tactic means that even stores that send customers to external payment processors are vulnerable. Continue reading Magecart Group Switches Up Tactics with MiTM, Phishing
Magecart Hits 80 Major eCommerce Sites in Card-Skimming Bonanza
Mainly motorsports and luxury apparel sites, all of them were running outdated versions of the Magento eCommerce platform. Continue reading Magecart Hits 80 Major eCommerce Sites in Card-Skimming Bonanza
Bluetana App Quickly Detects Hidden Bluetooth Card Skimmers at Gas Pumps
In recent years, gas stations have become one of the favorite targets for thieves who are stealing customers’ credit and debit card information by installing a Bluetooth-enabled payment card skimmers at gas stations across the nation.
The media has al… Continue reading Bluetana App Quickly Detects Hidden Bluetooth Card Skimmers at Gas Pumps
Discover replaces customer cards following breach at unidentified outside entity
Some Discover Card users are receiving new payment cards in the mail after a data breach exposed financial information, according to two customer notices submitted to the California attorney general’s office. Discover Financial Services said the breach did not involve its own systems. While the company doesn’t elaborate in the customer notices, a spokesman told CyberScoop it was taking action because of a breach that orignated with a service the company declined to identify. “We are prohibited from naming the merchant, and I can tell you only that the number is small,” Jon Drummond, Discover’s director of media relations, said via email. “It is not something that we ever report.” “This incident was the result of a merchant data compromise, and not the result of any action by Discover or an intrusion of our customer information systems. We re-issued cards out of an abundance of caution for our cardholders,” he said. The two breach […]
The post Discover replaces customer cards following breach at unidentified outside entity appeared first on CyberScoop.
Continue reading Discover replaces customer cards following breach at unidentified outside entity
New ‘Magecart’ group used ad plugin to steal payment data from hundreds of websites
Hundreds of e-commerce websites have been hit with a card-skimming attack that compromised an advertising plugin, according to research from Trend Micro and RiskIQ. It’s the latest in a series of attacks linked to Magecart, an umbrella term for a set of hacking groups that use different methods to steal payment data from websites. Researchers said that while the attack resembled previous Magecart incidents, this one appears to have originated with a relatively new group that RiskIQ dubbed “Magecart Group 12.” Group 12’s attack affected 277 “ticketing, touring, and flight booking services as well as self-hosted shopping cart websites from prominent cosmetic, healthcare, and apparel brands,” according to Trend Micro. The researchers said the group had been a minor player in the past, finding ways to inject its code into individual e-commerce websites. But when the hackers infected a JavaScript library used by the French advertising firm Adverline in 2018, […]
The post New ‘Magecart’ group used ad plugin to steal payment data from hundreds of websites appeared first on CyberScoop.
Continue reading New ‘Magecart’ group used ad plugin to steal payment data from hundreds of websites
Hackers infect e-commerce sites by compromising their advertising partner
Magecart strikes again, one of the most notorious hacking groups specializes in stealing credit card details from poorly-secured e-commerce websites.
According to security researchers from RiskIQ and Trend Micro, cybercriminals of a new subgroup of Ma… Continue reading Hackers infect e-commerce sites by compromising their advertising partner
Magecart Returns with Advertising Library Tactic
The threat group also has a new subsidiary, Magecart Group 12. Continue reading Magecart Returns with Advertising Library Tactic
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year. Continue reading 2019 Malware Trends to Watch
BevMo payment breach affects thousands, with researchers pointing to Magecart
BevMo, a California-based retailer of alcoholic beverages, is notifying some customers that a data breach affected the online store exposed credit card information used between August 2 and Sept. 26. In a notice submitted to the California attorney general’s office, BevMo says that hackers were able to install malicious code onto the company’s checkout page, skimming customer information including names, payment card numbers, expiration dates and security codes, addresses, as well as phone numbers. BevMo says the malicious code has been removed by NCR Corporation, which operates BevMo’s website. NCR, which sells point-of-sale systems and provides IT services, notified BevMo of the breach and sponsored a third-party investigation into it, according to BevMo’s notice. NCR did not respond to a request for comment. A local NBC station in the San Francisco Bay Area reported that the breach impacted 14,579 customers. BevMo has stores in California, Arizona and Washington, but ships online orders […]
The post BevMo payment breach affects thousands, with researchers pointing to Magecart appeared first on CyberScoop.
Continue reading BevMo payment breach affects thousands, with researchers pointing to Magecart