Unless you want your payment card data skimmed, avoid these commerce sites

by
Dan Goodin
from Ars Technica - All content on (#4ER3T)
payment-cards.jpg

Enlarge (credit: Mighty Travels / Flickr)

More than 100 e-commerce sites around the world are infected with malicious code designed to surreptitiously skim payment card data from visitors after they make purchases, researchers reported on Wednesday. Among those infected are US-based websites that sell dental equipment, baby merchandise, and mountain bikes.

In total, researchers with China-based Netlab 360 found 105 websites that executed card-skimming JavaScript hosted on the malicious domain magento-analytics[.]com. While the domain returns a 403 error to browsers that try to visit it, a host of magento-analytics[.]com URLs host code that's designed to extract the name, number, expiration date, and CVV of payment cards that are used to make purchases. The e-commerce sites are infected when the attackers add links that cause the malicious JavaScript to be executed.

One of the infected sites identified by Netlab 360 is ilybean[.]com, an Orlando, Florida, business that sells baby beanies. As the screenshot below shows, the site executes JavaScript hosted at magento-analytics[.]com.

Read 9 remaining paragraphs | Comments

index?i=k7sSQW4vOII:hJc5jqW7vsw:V_sGLiPB index?i=k7sSQW4vOII:hJc5jqW7vsw:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments