Hundreds of e-commerce sites booby-trapped with payment card-skimming malware

by
Dan Goodin
from Ars Technica - All content on (#5W1K2)
payment-card-online-800x534.jpeg

Enlarge (credit: Getty Images)

About 500 e-commerce websites were recently found to be compromised by hackers who installed a credit card skimmer that surreptitiously stole sensitive data when visitors attempted to make a purchase.

A report published on Tuesday is only the latest one involving Magecart, an umbrella term given to competing crime groups that infect e-commerce sites with skimmers. Over the past few years, thousands of sites have been hit by exploits that cause them to run malicious code. When visitors enter payment card details during purchase, the code sends that information to attacker-controlled servers.

Fraud courtesy of Naturalfreshmall[.]com

Sansec, the security firm that discovered the latest batch of infections, said the compromised sites were all loading malicious scripts hosted at the domain naturalfreshmall[.]com.

Read 8 remaining paragraphs | Comments

index?i=foTzXkfPiQk:sCSFPB15mqM:V_sGLiPB index?i=foTzXkfPiQk:sCSFPB15mqM:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments