
Segway Hit by Magecart Attack Hiding in a Favicon
2022-01-25 20:35

Segway, maker of the iconic - and much-spoofed - personal motorized transporter familiar from guided city tours everywhere, has been serving up a nasty credit-card harvesting skimmer via its website - likely linked to Magecart Group 12.

Magecart is a loose umbrella term encompassing various affiliated groups of financially motivated cybercriminals who all employ a similar skimming malware to harvest information - in particular payment-card information - that shoppers enter into checkout pages on eCommerce websites.

Typically, across Magecart groups, the skimmers are injected into unsuspecting merchant websites by exploiting vulnerable versions of popular eCommerce platforms, such as outdated iterations of Magento or WooCommerce.

"The compromise of the Segway store is a reminder that even well-known and trusted brands can be affected by Magecart attacks," Malwarebytes noted.

"By hiding the skimmer script inside a favicon pretending to display the site's copyright, neither manual code reviews, static code analysis or scanners could have detected this easily."

Magecart activity is vociferous: A recent RiskIQ report in December found that a Magecart attack on a website happens once every 16 seconds.


News URL

https://threatpost.com/segway-magecart-attack-favicon/177971/