MageCart infections are when attackers compromise an ecommerce site to inject JavaScript into the checkout or cart pages. This script then steals credit card and address information entered into these pages and then sends it off to a remote server for the attackers to collect. This type of attack has been very active this past year, with large sites such as British Airways, TicketMaster, OXO, and Newegg being affected by these malicious scripts.
In research by TrendMicro and RiskIQ, a new group known as Magecart Group 12 has compromised a script belonging to a French advertising company in order to inject MageCart into its customers websites.
New reports released by the security companies disclose that “277 ecommerce websites providing ticketing, touring, and flight booking services as well as self-hosted shopping cart websites from prominent cosmetic, healthcare, and apparel brands” were affected by a MageCart attack through a compromised advertising script from French online advertiser Adverline. This script is used by Adverlines customers to retarget advertisements based on a visitors interests or other behaviour.
BleepingComputer was told by a RiskIQ threat researcher that Adverline did not respond to emails sent by the researchers.
The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.
The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.
Current themes
No part of this site can be reproduced without explicit permission of The Paypers (v2.7).
Privacy Policy / Cookie Statement
Copyright