Hacker invaded Wyoming Medical Center
infosec

Hacker invaded Wyoming Medical Center

Hackers invaded Wyoming medical center systems forcing a hospital to cancel some surgeries, stop accepting ...
Read More
infosec

WeWork's WiFi network is leaking sensitive user information

WeWork WiFi vulnerabilities in the Manhattan-based company building which exposed sensitive company data, ...
Read More
infosec

Microsoft: The biggest risk for businesses is cyberattacks

According to a survey by Marsh and Microsoft, the biggest threat to businesses is cyberattacks. Nowadays,...
Read More
infosec

How to fix iOS 13 bugs in iPhone Mail app

If you have upgraded to iOS 13, then you may have discovered that the Mail app behaves a bit weird, which is ...
Read More
infosec

Check if your folders have malware with Windows Defender!

Windows comes with a free antivirus program, called Windows Defender, that offers continuous protection as well as the ability to ...
Read More
Latest Posts

eCommerce sites at risk by Magecart hackers!

Magecart

It became known, that experts security of companies Aite group and Arxan Technologies after a thorough investigation they discovered that hackers of the Magecart team aim at on-line stores. This, as they have said, has been observed again in the past. Hackers have even compromised 80 eCommerce sites by stealing credit card data.

Magecart

All of these sites were noted to have one in common. They used an outdated version of Magento, making the sites vulnerable to formjacking and skimming of digital cards. The striking thing is that it only took 2,5 hours of research to locate these 80 eCommerce sites that were compromised.

Magecart team activities are monitored by 2015. They usually place skimming scripts on online stores to steal their debit and credit card data. Of course not all Magecart teams are as advanced. Specifically, the 4 Team seems to be the most sophisticated of all. Many sites have been attacked over the years, including British Airways, Newegg, Ticketmaster, MyPillow and Amerisleep and Feedify. Experts also report that these 80 eCommerce sites were targeted by more than Magecart's 1 group.

The Aite Group to carry out research, used one source code search engine to locate JavaScript that has been repeatedly found in earlier Magecart attacks.

Magecart

As we have said before, the common element of the victims was deficient protection and error handling of the sites. The versions used by most Magecart groups are 1.5, 1.7 or 1.9. This makes them more vulnerable.

Although the investigation is still ongoing, the researchers have reported their findings to the competent authorities and sites concerned. However, they have not officially named the sites for the time being.

Research has also shown that once the credit card data is acquired, the hackers either sell it to Dark web or buy products in online stores.

How useful was this post?

Average rating / 5. Vote count:

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by
SecNews

About SecNews

In Depth IT Security News

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *