Skip to main content

Magecart Hackers Compromise 80 More Online Transaction Websites (eCommerce Sites) to Steal Credit Cards.

Cybersecurity researchers have discovered over 80 Magecart compromised e-commerce websites that were actively sending credit card information of online shoppers to the attackers-controlled servers.
Operating their businesses in the United States, Canada, Europe, Latin America, and Asia, many of these compromised websites are reputable brands in the motorsports industry and high fashion, researchers at Aite Group and Arxan Technologies revealed today in a report shared with The Hacker News.
In a world that's growing increasingly digital, Magecart attacks have emerged as a key cybersecurity threat to e-commerce websites.
Magecart is an umbrella term given to different cybercriminal groups that are specialized in secretly implanting online credit card skimmers on compromised e-commerce websites with an intent to steal payment card details of their customers.
These virtual credit card skimmers, also known as formjacking attack, are basically JavaScript code that hackers secretly insert into a compromised website, often on the shopping cart page, designed to capture payment information of customers in real-time and send it to a remote attacker-controlled server.
Magecart is in the news a lot lately for conducting several high-profile heists against major companies including British Airways, Ticketmaster, Newegg, and others.
Flowchart Magecart Formjacking Attack
The newly disclosed campaign doesn't belong to a single group of Magecart hackers; instead, researchers used a source code search engine to search for obfuscated JavaScript on the Internet with malicious patterns that were previously seen in the Magecart's virtual credit card skimmers.
According to the researchers, the technique allowed them to quickly uncover more than 80 e-commerce websites compromised by Magecart groups, most of which were found running over outdated versions of Magento CMS that's vulnerable to an unauthenticated upload and remote code execution vulnerabilities.
"The absence of in-app protection, such as code obfuscation and tamper detection, makes web apps vulnerable to a type of cyberattack called formjacking," the researchers said.
"Many of the compromised sites are running version 1.5, 1.7, or 1.9. The arbitrary file upload, remote code execution, and cross-site request forgery vulnerabilities all affect Magento version 2.1.6 and below. While it can't be stated authoritatively that this is what led to the breach of these sites, these are vulnerable versions of Magento that allow adversaries to inject the formjacking code into the site."
Though the researchers have not named the compromised companies in its report, they worked with federal law enforcement to notify all affected organizations as well as off-site servers prior to publishing their report.
"Because this is an ongoing and active project, we have decided not to name the victim sites," the researchers told The Hacker News.
In addition, the researchers also analyzed Magecart's monetization activities and found that besides selling the stolen payment card data on the dark web forums, the attackers also purchase merchandise on legitimate online shopping sites and ship them to pre-selected merchandise mules in an attempt to launder the fraudulent transactions.
"To recruit merchandise mules, the attacker posts jobs that offer people the ability to work from home and earn large sums of money to receive and reship merchandise purchased with the stolen credit card numbers," the researchers say.
The mules then work with local shippers who receive under-the-table pay to send merchandise to the eastern European destinations, where it is sold to local buyers, eventually profiting attackers as a second line of revenue.
The researchers recommend e-commerce websites to, at foremost priority, update or patch their platform software to the latest version that protects them from known exploits.
Besides this, e-commerce websites should also implement code obfuscation and white-box cryptography to make the web forms unreadable to the adversary, as well as solutions to detect unauthorized modification of website files.
Online shoppers are also advised to regularly review their payment card details and bank statements for any unfamiliar activity. No matter how small unauthorized transaction you notice, you should always report it to your financial institutions immediately.

Comments

Popular posts from this blog

We Bring You Brief Series of Sanctions Against Uganda Government Officials.

📸: Gen Abel Kandiho. On 9-December-2021, USA slapped sanctions against the then CMI Commander Gen Abel Kandiho. 📸: Gen Kale Kayihura. On 9-December-2022, UK slapped sanctions against former Police Boss Gen Kale Kayihura. 📸: Commissioner General of Prisons, Johnson Byabashaija. Again on this 4-December-2023, the same USA has slapped sanctions against Uganda Prisons Commander Johnson Byabashaija over alleged torture and human rights abuses in Prisons across Uganda. We ask, has USA and UK made December as an LCM to slap sanctions against high ranking government officials in Uganda even when the sanctions just remain on paper without deeper investigations to ascertain logical conclusions or remedy to that effect ?. #iip_updates  #Information_is_Power  #we_inform_the_uninformed

How to Host a Website for Free From Your PC or Laptop.

Why pay for a web hosting service when your old computer can do the same thing? Learn how to self-host your site. If you're planning to launch a website but don't want to pay recurring monthly or annual hosting fees, you can use any old laptop or desktop PC to host a website for free. It's a great way to utilize your old system instead of throwing it away. In this guide, we will install and set up services on our 10-year-old laptop to host a WordPress, Joomla, or custom HTML or PHP-based website with a free SSL certificate. MAKEUSEOF VIDEO OF THE DAY Things You Will Need to Host a Website Following are the pre-requisites to host a website for free from home with just your computer: An old laptop or PC running Ubuntu Server. A registered domain name for your website Ethernet cable to connect the laptop or PC to router for reliable and fast connection Step 1: Update and Upgrade the Packages After  installing Ubuntu Server on your computer , execute the following c...

WHERE IS MINISTER OF SEX SIMON LOKODO?. (He deserves a battle of soda from me! Ministe`r esalanga mabee. He is quick to run after Mrs Dr Stella Nyanzi and other Opposition elements. Government aza aza edo zuu vaa kpere bua). Anyway, below is the article! POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit'  Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos. Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.

POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit' Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says  Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos . Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.