Card Skimmer Hits Australian Bushfire Donation Site
2020-01-14 20:39

Concerned global citizens making donations to help fight the massive Australian bushfires have been caught up in a Magecart attack, after one of the groups implanted a payment-card skimmer on the checkout page of a legitimate online donation site.

Researchers ran across the Magecart script, named "ATMZOW" after one of the strings in the code, stealing form data from the checkout page of the site.

"The compromised site is running Magento, by far the most targeted CMS when it comes to skimming, and was outdated, which is likely how the attackers were able to inject it with malware," he said in an email interview.

"We don't believe this site was targeted on its own, but rather was victim of an automated attack based on exploiting known vulnerabilities. This reinforces the idea that any site, big or small, business or not for profit, is a valuable resource for criminals."

Researchers traced the skimmer back to its control panel, a known exfiltration domain at vamberlo[.


News URL

https://threatpost.com/card-skimmer-australian-bushfire-donation-site/151841/