Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep.

Magecart is an umbrella term researchers gave to at least 11 different hacking groups that specialize in implanting malware code on e-commerce websites with the intent to silently steal the payment card details of their customers.

Magecart made headlines last year after attackers conducted several high-profile cyber attacks against major international companies including British Airways, Ticketmaster, and Newegg.

Magecart hackers use a digital payment card skimmer: a few lines of malicious JavaScript code that they insert into the checkout page of hacked websites, designed to capture customers' payment information in real time and send it to a remote attacker-controlled server.

Earlier this year, Magecart attackers also compromised nearly 277 e-commerce websites in a supply-chain attack by inserting their skimming code into a popular third-party JavaScript library from Adverline.

That widespread cyber attack eventually targeted all customers who made online purchases on hundreds of European e-commerce sites that were serving a modified Adverline script.

Magecart Hackers Target Bedding Retailers MyPillow and Amerisleep

In a new report RiskIQ shared with The Hacker News before its publication, researchers revealed two new Magecart-related breaches that compromised online bedding retailers MyPillow and Amerisleep and stole payment information of their customers.

Just like previous attacks, after gaining a foothold on the targeted websites, the Magecart hackers implanted digital skimming code on both websites and managed to skim payment cards of their customers during online transactions.

MyPillow was breached by the Magecart attackers in October last year, when attackers inserted a malicious skimming script into the site. The script was hosted on a look-alike domain (also known as typosquatting) with an SSL certificate from LetsEncrypt.
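
Site owners can audit which hosts a checkout page loads scripts from and flag look-alike domains of the kind described above. The following is an added example, not code from RiskIQ or the original article; the `shop.example` hosts, the allowlist and the function names are constructed for illustration, and domain parsing is simplified to the last two labels.

```javascript
// Constructed sample: checkout HTML of a hypothetical shop at www.shop.example.
const PAGE_URL = "https://www.shop.example/checkout";
const ALLOWED = ["chat-vendor.example"]; // third parties the site owner approved
const SAMPLE_HTML = `
<script src="/static/checkout.js"></script>
<script src="https://cdn.shop.example/vendor/lib.min.js"></script>
<script src="https://sh0p.example/js/tracker.js"></script>
<script src="https://widgets.chat-vendor.example/loader.js"></script>
<script src="https://stats.metrics-co.example/t.js"></script>`;

// Levenshtein edit distance, single-row dynamic programming.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let prev = row[0]; // D[i-1][j-1]
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const tmp = row[j]; // D[i-1][j]
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(row[j] + 1, row[j - 1] + 1, prev + cost);
      prev = tmp;
    }
  }
  return row[b.length];
}

// Assumption: registrable domain = last two labels. Real code should use the
// Public Suffix List so that suffixes such as .co.uk are handled correctly.
const baseDomain = (host) => host.toLowerCase().split(".").slice(-2).join(".");

// Report every external script whose domain is neither first-party nor
// allowlisted; mark it "lookalike" when it is within maxDistance edits of the
// site's own domain. Regex extraction is a simplification of HTML parsing.
function auditScripts(html, pageUrl, allowedDomains, maxDistance = 2) {
  const own = baseDomain(new URL(pageUrl).hostname);
  const findings = [];
  for (const m of html.matchAll(/<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi)) {
    const domain = baseDomain(new URL(m[1], pageUrl).hostname);
    if (domain === own || allowedDomains.includes(domain)) continue;
    const near = editDistance(domain, own) <= maxDistance;
    findings.push({ src: m[1], domain, verdict: near ? "lookalike" : "unlisted" });
  }
  return findings;
}

console.log(auditScripts(SAMPLE_HTML, PAGE_URL, ALLOWED));
```

A valid TLS certificate on the script host says nothing about who controls it, so the check compares domain names rather than certificate status.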
“The last time we observed this skimmer active on …
