Today > | 2 Medium vulnerabilities   -   You can now download lists of IOCs here!

Hundreds of online stores hacked in new campaign

Aug. 23, 2024, 9:30 a.m.

Description

A cybersecurity report details a malware campaign targeting numerous e-commerce websites running the popular Magento platform. Threat actors exploited a vulnerability to inject malicious code that skims payment data from online shoppers during checkout. The skimmer code is loaded from attacker-controlled domains, enabling criminals to harvest credit card numbers, expiration dates, and CVVs in real-time. Over a thousand unique theft attempts were detected, affecting hundreds of compromised stores. Retailers and shoppers should remain vigilant and use reputable security solutions to mitigate such threats.

Date

Published: Aug. 23, 2024, 9:06 a.m.

Created: Aug. 23, 2024, 9:06 a.m.

Modified: Aug. 23, 2024, 9:30 a.m.

Indicators

trendset.website

vodog.shop

statmaster.shop

statlstic.shop

statistall.com

salesguru.online

pixelsmith.shop

luckipath.shop

happywave.shop

deslgnpro.shop

datawiz.shop

codemingle.shop

codcraft.shop

artvislon.shop

analytlx.shop

Attack Patterns

T1059.008

T1598.003

T1185

T1059.001

T1059.007

Additional Informations

Retail