Hundreds of online stores hacked in new campaign
Aug. 23, 2024, 9:30 a.m.
Tags
External References
Description
A cybersecurity report details a malware campaign targeting numerous e-commerce websites running the popular Magento platform. Threat actors exploited a vulnerability to inject malicious code that skims payment data from online shoppers during checkout. The skimmer code is loaded from attacker-controlled domains, enabling criminals to harvest credit card numbers, expiration dates, and CVVs in real-time. Over a thousand unique theft attempts were detected, affecting hundreds of compromised stores. Retailers and shoppers should remain vigilant and use reputable security solutions to mitigate such threats.
Date
Published: Aug. 23, 2024, 9:06 a.m.
Created: Aug. 23, 2024, 9:06 a.m.
Modified: Aug. 23, 2024, 9:30 a.m.
Indicators
trendset.website
vodog.shop
statmaster.shop
statlstic.shop
statistall.com
salesguru.online
pixelsmith.shop
luckipath.shop
happywave.shop
deslgnpro.shop
datawiz.shop
codemingle.shop
codcraft.shop
artvislon.shop
analytlx.shop
Attack Patterns
T1059.008
T1598.003
T1185
T1059.001
T1059.007
Additional Informations
Retail