Experts Reaction On Credit Card Skimmer Running On 13 Shopping Sites, Despite Notification

In a blog post today, researchers published the dates for nearly 40 new shopping websites infected by Magecart 12 with JavaScript. All were notified of the compromise, yet 13 continued to load the malicious JavaScript.

Tarik Saleh, Senior Security Engineer and Malware Researcher,  DomainTools
February 26, 2020
FIM solutions are great for monitoring when files have been tampered with or added to your website.
Magecart continues to be a successful Javascript based malware that steals customer payment information. Magecart is uploaded to your website only after it has been compromised via some other means, like a XSS (Cross-Site Scripting) vulnerability or an RCE (Remote Code Execution) exploit. With that in mind, If you own a business that handles customer credit cards or payment information there a ....
[Read More >>]
Ameet Naik, Security Evangelist ,  PerimeterX
February 26, 2020
Despite proactive notifications to the site administrators, we see the infections continue to persist for months.
Businesses often leverage third-party platforms and services to take their brands online. When a Magecart infection is discovered, they can lack the processes or resources to engage their third-party vendors to patch their e-commerce stores and mitigate their risk of a data breach. PerimeterX research shows that Magecart attacks often remain active on websites for weeks or even months, compromisin ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments

In this article