Researcher Finds 1,236 Websites Infected With Credit Card Stealers

As reported by Bleeping Computer, security researcher Max Kersten collected in a span of a few weeks over 1,000 domains infected with payment card skimmers, showing that the MageCart continues to be a prevalent threat that preys on insecure webshops.

MageCart was first spotted over a decade ago by cybersecurity company RiskIQ but attacks have grown rampant over the past two years when big-name companies were hit – British AirwaysTicketmasterOXONewegg. Since then, automated systems tuned specifically to detect this type of threat found hundreds of thousands of websites that on checkout pages malicious JavaScript designed to steal card data from shoppers.

EXPERTS COMMENTS
Jake Moore, Cybersecurity Specialist,  ESET
May 13, 2020
The likes of Ticketmaster and British Airways have been struck in the past like this so these attackers are clearly aiming big.
Web card skimming can be extremely lucrative when it works, which is why cybercriminals are going to great lengths to achieve the perfect digital heist. Once pulled off, it can often be months before the alarm bells ring. At a time like this, many companies may take their eye off the ball, but these threat actors are persistent and will exploit anywhere they can. The automated nature of these at ....
