Security News > 2022 > July > Hackers steal 50,000 credit cards from 300 U.S. restaurants

Hackers steal 50,000 credit cards from 300 U.S. restaurants
2022-07-19 14:00

Payment card details from customers of more than 300 restaurants have been stolen in two web-skimming campaigns targeting three online ordering platforms.

Recently, Recorded Future's threat detection tools identified two Magecart campaigns injecting malicious code into the online ordering portals of MenuDrive, Harbortouch, and InTouchPOS. As a result, 50,000 payment cards were stolen and have already been offered for sale on various marketplaces on the dark web.

The first campaign started on January 18, 2022 and it hit 80 restaurants using MenuDrive and and 74 that used the Harbortouch platform.

Most of these restaurants were small local establishments across the U.S. using the platform as a cost-effective alternative to outsource the online ordering process.

On Harbortouch, the injected skimmer used a single script to steal all personally identifiable information and payment card data.

In this case, the skimmer doesn't steal the details from the site but instead overlays a fake payment form on valid targets that are ready for the checkout process using a credit card.


News URL

https://www.bleepingcomputer.com/news/security/hackers-steal-50-000-credit-cards-from-300-us-restaurants/