Hackers are targeting the Magento 1 platform with Magecart.
Hackers are reportedly targeting a specific set of e-commerce sites with malware.
According to Bleeping Computer, over 500 e-commerce sites running the Adobe Magento 1 system have been infected with a credit card skimmer as a result of a Magecart attack from a single domain, which is currently offline. The malware is designed to intercept and steal credit card information entered by customers, without the retailers or shoppers being aware.
Retailers may use services to check their sites for new script, but the attackers can analyze the checks, and if one is different enough from normal site visits, the attacker can analyze where it’s from and return the regular site if they recognize the IP address. This allows Magecart attackers to only run the malicious script when a customer makes a purchase.
The current attack on sites using Magento 1 was reportedly discovered by security analysts in late January 2021, after 374 site infections using the same malware were discovered in a single day. Although Magecart attacks are typically launched to steal consumer credit card information, this specific virus reportedly could also allow hackers to completely take over an infected site.
Adobe stopped supporting Magento 1 in June 2020, but many e-commerce sites still run this version of the platform. E-commerce retailers using Magento are advised to check the version of Magento they are currently using with a digital guide from Adobe.
In a high-profile July 2020 incident, hackers sponsored by the government of North Korea reportedly launched an effort to stealing payment card data from customers of U.S. e-commerce retailers using Magecart attacks. Retailers affected by the hack reportedly included Claire’s, Focus Camera, and Paper Source. The hackers are also said to have created a fake Claire’s e-commerce site for the purpose of fraudulently collecting consumer payment card data.
“Retail breaches are like Willy Wonka’s Everlasting Gobstopper – they’re never going away,” Dan Dinnar, CEO of Source Defense, said in an exclusive commentary to Chain Store Age. “Client-side attacks like Magecart – digital skimming, formjacking – are only going to increase given the exponential growth in e-commerce transactions over the past two years.