Researcher finds 1,236 websites infected with credit card stealers
How would you feel if you visited a website and found the next day that your credit card has been charged fraudulently? This happened because you visited a website that has a Web Skimmer, E-Skimmer, or MageCart installed in it to steal your payment card details. We had recently exposed how a hacker group was stealing payment card information hiding a Web Skimmer in the websites Favicon. It seems there are nearly 1000 websites that have such web skimmers of MageCarts installed to steal your payment data.
A security researcher researching about MageCart has found nearly 1236 websites that have such web skimmers installed. The security researcher Max Kersten was able to compile a list of 1,236 domains that were hit by a web skimmer hosted on an external domain.
What is Web Skimming?
Web Skimming also called e-skimming or a Magecart attack is a process in which hackers breach websites and hide malicious code on its webpages. The code activates itself when any customer users a Credit or Debit Card to make payment. The code steals the steals payment card details as soon as the victim enters them in checkout forms. The code then relays the stolen payment card details to the command and control center of the hackers.
Web skimming attacks were first noticed in 2016 and as the years have passed the web skimming attacks have gotten more innovative. The U.S. Federal Bureau of Investigation (FBI) has already issued a warning in October 2019 to US etailers and online operators about e-skimming attacks or Magecart attacks.
Malwarebytes today published a a report which details such an innovative web skimming operation carried out by a group of hackers. Malwarebytes discovered this group while investigating a series of strange hacks, where the only thing modified on the hacked sites was the favicon. Favicons are the website logos that open when you visit on any website.
Based on Kersten’s research, the country with the most shops impacted by MageCart is the U.S. with 303 infections, while individual countries in Europe seem to be the least affected, as the U.K. is in the lead with just 68 websites. India figures high on the list with 79 infected websites. You can read the full details of his research on his blog post here.