Security News > 2021 > December > Sites hacked with credit card stealers undetected for months
Threat actors are gearing up for the holidays with credit card skimming attacks remaining undetected for months as payment information is stolen from customers.
The code can steal payment details such as credit card number, holder name, addresses, and CVV, and send them to the actor.
Threat actors may then use this information for purchasing goods online or sold to other actors on underground forums and dark web marketplaces known as "Carding" sites.
By investigating deeper, the analysts found that the same actor responsible for the attack against SCUF was operating an extensive network of skimmers that stole credit card details from several sites.
The smaller the Alexa rank number, the more traffic that website receives, so the longer the skimmer stays undetected, the more credit card details Magecart actors steal.
If you have bought anything using your credit card from the seven listed above this year, consider your payment details compromised and call your bank to request a card replacement.