A gang of payment-card scammers has targeted 201 college and university campus stores, trying to steal students’ financial data in a Magecart-style attack, according to new research. The new cybercrime group, labeled Mirrorthief, injected malicious code on payment checkout pages at hundreds of U.S. and Canadian stores, according to TrendMicro research published Friday. By compromising PrismWeb, an e-commerce platform designed for college stores, the attackers could collect payment card details, names, addresses and phone numbers, researchers said. PrismWeb is made by PrismRBS, a subsidiary of the Nebraska Book Company. TendMicro’s report comes as security researchers continue to grapple with an expansion of payment-card thievery along with an apparent surge in demand for stolen financial information. Success by one group inspires imitators in another. The most prominent, Magecart, is a collection of perhaps 12 hacking campaigns that steal payment information by secretly collecting data from online checkout pages. TrendMicro researchers noted that Mirrorthief is […]
The post Payment scammers hit 201 campus checkouts with Magecart-inspired tactics appeared first on CyberScoop.
Continue reading Payment scammers hit 201 campus checkouts with Magecart-inspired tactics→