Security News > 2020 > May > Magecart malware merrily sipped card details, evaded security scans on UK e-tailer Páramo for almost 8 months

A card-skimming Magecart malware infection lingered on a British outdoor clothing retailer's website without detection for nearly eight months despite regular security scans.

The warning continued: "This code copied card details entered, destined for PayPal and additionally sent them on to the attacker's server. The data transferred was name, address, card number and CVV code."

The Register confirmed with Páramo that 3,743 people's full card details - including all data points necessary to make online purchases elsewhere - had been stolen between July 2019 and March this year.

A company spokesman agreed that it looked like Magecart and told us: "Criminals often seek unpatched web systems, or use compromised credentials, in order to take control of a system and subtly introduce malicious functionality that will execute in the browser. In this way, malware such as Magecart is able to capture personal data as web visitors enter it in their browser, exfiltrating it to the criminals without the stolen information necessarily touching the originally compromised system."

A couple of years ago Magecart was the attack method that stole 380,000 peoples' card details from British Airways, while the malware continues to evolve as researchers desperately try to halt its spread. .

News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/05/19/paramo_hack_magecart/