Security News > 2022 > July > Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

Magecart campaigns have been skimming payment-card credentials of unsuspecting customers using three online restaurant-ordering systems, affecting about 300 restaurants that use the services and compromising tens of thousands of cards so far, researchers have found.

Two separate ongoing Magecart campaigns have injected e-skimmer scripts into the online ordering portals of restaurants using three separate platforms: MenuDrive, Harbortouch, and InTouchPOS, researchers from Recorded Future revealed in a blog post this week.

"Across all three platforms, at least 311 restaurants have been infected with Magecart e-skimmers, a number that is likely to grow with additional analysis," researchers from Recorded Future's Insikt Group wrote in the report.

The infections on the restaurants' websites affected in the two campaigns observed by Recorded Future "Often result in the exposure of customers' payment card data and PII," researchers noted.

Researchers have identified more than 50,000 compromised payment card records from the campaigns posted for sale on the dark web, and they expect more stolen data to be posted in the future, they said.

While centralized restaurant ordering platforms like Uber Eats and DoorDash dominate the market for such systems and are far more well-known than the ones affected by the campaigns, the hundreds of smaller platforms on the internet that serve local restaurants remain a valuable target for cybercriminals, researchers noted.

News URL

https://threatpost.com/magecart-restaurant-ordering-systems/180254/