Commenst On Magecart Skimming Attack Targets Mobile Users Of Hotel Chain Booking Websites

Trend Micro has just published the following findings:  Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites.

Forbes is reporting on the findings, noting that Trend Micro discovered credit card skimming malware in the reservation systems of two international hotel chains. The significant attack affects hotel chains with over 180 locations in 14 different countries.

The affected hotel reservation platforms were developed by Roomleader, a company from Spain that helps hotels build their online booking websites. The malicious code wasn’t injected directly into the website but rather into the script of Roomleader’s module called “viewedHotels” that was provided to its clients and subsequently used for two websites of two different hotel chains. The malware is Magecart, which has been responsible for several other high profile cases in the past year.

Key Points:

  • Reservation systems affected by credit card skimming malware encompass over 180 hotel locations and 14 different countries.
  • Magecart skimming malware attacked reservation platform developed by Barcelona hospitality provider Roomleader
  • The names of two hotel chains and the extent of attack are unknown

Roger Grimes, Data-driven Defence Evangelist ,  KnowBe4
September 19, 2019
As long as the customers aren’t complaining, they don’t think they have a problem.
This is a combination of two major attack types: credit card skimming malware and a “supply chain” attack. Credit card skimming malware being injected at legitimate customer sites has been an ongoing problem for many years, and seems likely not to abate anytime soon. Attacking supply chains, which provide code and other services to larger services and sites has also been a problem for years, b ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :

In this article