A credit card skimmer assault known as MageCart has been launched against hundreds of eCommerce websites that are operating on an out-of-date and unsupported platform.
However, subsequent examination revealed that the total number of infected websites was in fact over 500, as opposed to the original discovery of 374 infections that occurred on the same day with the same virus by Sansec researchers.
As reported by Sansec, the virus was sent to eCommerce websites using Magento 1, Adobe’s open-source eCommerce platform built in PHP, via the use of the naturalfreshmalll.com domain (which has since been deactivated). It was announced that Magento 1 will approach its end-of-life on June 30, 2020, which means it would no longer get regular security and usability upgrades, making it an attractive target for hackers. Quickview vulnerability has been exploited
Attackers took use of a previously discovered weakness in the Quickview plugin, according to the researchers. This vulnerability enabled the attackers to establish a Magento admin account with the maximum rights, they think.
The attackers’ next step was to simply insert a credit card skimmer, with one of the compromised websites seeing the attackers inject 19 distinct backdoors, most likely in order to determine which one was the most effective.
When the malware was installed, the threat actors used the domain naturalfreshmall[.]com, which is presently unavailable, to do so. The threat actors’ purpose was to steal consumers’ credit card information from the targeted online retailers.
It is recommended that eCommerce website owners update their sites to the most recent version of Magento in order to ensure that their sites remain protected against these assaults.
MageCart is a phrase that is used interchangeably to refer to both the actual credit card skimming malware and the organizations who use it to steal credit card information. Researchers have found “dozens of subgroups” that make […]
I am a robot. This article is curated from another source (e.g. videos, images, articles, etc.). For the complete article please use the link provided to visit the original source or author. Content from other websites behaves in the exact same way as if the visitor has visited the other website.
Warning: The views and opinions expressed are those of the authors and do not necessarily reflect the official policy or position of MichelPaquin.com.