Trend Micro has just published the following findings: Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites.
Forbes is reporting on the findings, noting that Trend Micro discovered credit card skimming malware in the reservation systems of two international hotel chains. The significant attack affects hotel chains with over 180 locations in 14 different countries.
The affected hotel reservation platforms were developed by Roomleader, a company from Spain that helps hotels build their online booking websites. The malicious code wasn’t injected directly into the website but rather into the script of Roomleader’s module called “viewedHotels” that was provided to its clients and subsequently used for two websites of two different hotel chains. The malware is Magecart, which has been responsible for several other high profile cases in the past year.
- Reservation systems affected by credit card skimming malware encompass over 180 hotel locations and 14 different countries.
- Magecart skimming malware attacked reservation platform developed by Barcelona hospitality provider Roomleader
- The names of two hotel chains and the extent of attack are unknown