It became known, that experts security of companies Aite group and Arxan Technologies after a thorough investigation they discovered that hackers of the Magecart team aim at on-line stores. This, as they have said, has been observed again in the past. Hackers have even compromised 80 eCommerce sites by stealing credit card data.
All of these sites were noted to have one in common. They used an outdated version of Magento, making the sites vulnerable to formjacking and skimming of digital cards. The striking thing is that it only took 2,5 hours of research to locate these 80 eCommerce sites that were compromised.
Magecart team activities are monitored by 2015. They usually place skimming scripts on online stores to steal their debit and credit card data. Of course not all Magecart teams are as advanced. Specifically, the 4 Team seems to be the most sophisticated of all. Many sites have been attacked over the years, including British Airways, Newegg, Ticketmaster, MyPillow and Amerisleep and Feedify. Experts also report that these 80 eCommerce sites were targeted by more than Magecart's 1 group.
As we have said before, the common element of the victims was deficient protection and error handling of the sites. The versions used by most Magecart groups are 1.5, 1.7 or 1.9. This makes them more vulnerable.
Although the investigation is still ongoing, the researchers have reported their findings to the competent authorities and sites concerned. However, they have not officially named the sites for the time being.
Research has also shown that once the credit card data is acquired, the hackers either sell it to Dark web or buy products in online stores.