Magecart Group 8 skimmed card info from 570+ online shops

Your payment card information got stolen but you don’t know how, when and where? Maybe you shopped on one of the 570 webshops compromised by the Keeper Magecart group (aka Magecart Group 8) since April 1, 2017. Magecart Group 8’s modus oper… Continue reading Magecart Group 8 skimmed card info from 570+ online shops

How a favicon delivered a web credit card skimmer to victims

Cyber crooks deploying web credit card skimmers on compromised Magento websites have a new trick up their sleeve: favicons that “turn” malicious when victims visit a checkout page. Favicons and card skimmers Favicons is a file containing on… Continue reading How a favicon delivered a web credit card skimmer to victims

Monero Project site compromised, served malware-infected binaries

The official website of the Monero Project has been compromised to serve a malware-infected version of the CLI (command-line interface) wallet. The malicious file was available for download for around 14 hours and at least one of the users who download… Continue reading Monero Project site compromised, served malware-infected binaries

Macy’s online store compromised in Magecart-style attack

The webshop of noted U.S. department store company Macy’s has been compromised and equipped with an information-stealing JavaScript, which ended up collecting users’ personal and payment card information for a week. What is known about the … Continue reading Macy’s online store compromised in Magecart-style attack

European Central Bank shuts down website following hack, data theft

The European Central Bank (ECB) confirmed on Thursday that its Banks’ Integrated Reporting Dictionary (BIRD) website has been compromised by attackers and taken down until the situation is brought under control. The compromise may have resulted in the … Continue reading European Central Bank shuts down website following hack, data theft

Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets

We often hear about misconfigured Amazon S3 buckets exposing sensitive business and customer data, but there’s another present danger: Magecart attackers have been exploiting them to inject payment card skimming scripts into websites. The problem… Continue reading Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets

Most Magento shops get compromised via vulnerable extensions

Vulnerable third party extensions (modules) are now the main source of Magento hacks, says security researcher and Magento forensics investigator Willem de Groot. “The method is straightforward: attacker uses an extension bug to hack into a Magen… Continue reading Most Magento shops get compromised via vulnerable extensions

Make-A-Wish website compromised to serve cryptojacking script

Visitors of the international website of the US-based non-profit Make-A-Wish Foundation have had their computing power misused to covertly mine cryptocurrency, Trustwave researchers have found. The compromise In-browser cryptomining is not illegal and … Continue reading Make-A-Wish website compromised to serve cryptojacking script

British Airways breach was effected by Magecart attackers

The British Airways breach was the work of a well-known criminal group dubbed Magecart, which managed to put payment card skimming code on the company’s website, says RiskIQ researcher Yonathan Klijnsma. The group has been compromising online sho… Continue reading British Airways breach was effected by Magecart attackers

Magecart presents an unprecedented threat: Here’s what you can do

On Tuesday we learned that the previously disclosed Ticketmaster UK breach from a few weeks ago was not a one-off event but instead part of a widespread website digital credit card skimming operation that impacted over 800 ecommerce sites around the wo… Continue reading Magecart presents an unprecedented threat: Here’s what you can do