Security News
A faction under the Magecart umbrella, Magecart Group 8, targeted the website of the blender manufacturer, NutriBullet, in an attempt to steal the payment-card data of its online customers. Yonathan Klijnsma, threat researcher with RiskIQ, said in a Wednesday post that a JavaScript web skimmer code was first inserted on the website of the blender retailer on Feb. 20, specifically targeting the website's checkout page, where customers input their payment information.
Online guitar tutoring website TrueFire has apparently suffered a 'Magecart' style data breach incident that may have potentially led to the exposure of its customers' personal information and payment card information. TrueFire is one of the popular guitar tutoring websites with over 1 million users, where wanna-be-guitarists pay online to access a massive library of over 900 courses and 40,000 video lessons.
Online guitar tutoring website TrueFire has apparently suffered a 'Magecart' style data breach incident that may have potentially led to the exposure of its customers' personal information and payment card information. TrueFire is one of the popular guitar tutoring websites with over 1 million users, where wanna-be-guitarists pay online to access a massive library of over 900 courses and 40,000 video lessons.
UPDATE. A faction of the Magecart threat group, Magecart group 12, has been linked to a recent digital card skimmer attack bent on stealing payment data from a slew of websites, including ones selling anything from Olympic tickets to emergency preparation kits. Researchers also found the group's same skimming code used to target popular emergency preparedness sites; BePrepared.com, which sells survival kits and gear, and Augason Farms, which sells emergency food supplies.
Three individuals suspected of being involved in Magecart online skimming attacks were arrested late last year in Indonesia. The arrests were made as part of an international effort called Operation Night Fury, which saw participation from Interpol's ASEAN Cyber Capability Desk and Indonesian Cyber Police, as well as private cybersecurity company Group-IB. Over the past couple of years, numerous hacking groups have been operating under the Magecart umbrella, infecting thousands of e-commerce websites with JavaScript code designed to steal customers' credit card data.
Police in Indonesia have arrested three suspected members of an e-commerce hacking crew that employed JavaScript attack code to steal customer and payment card data. Joint press conference by Indonesian National Police & #INTERPOL on Operation Night Fury led by INTERPOL's #ASEAN Desk, sharing the successful arrest of 3 suspects involved in JS-sniffer campaign compromising e-commerce websites to steal credit card or online payment information pic.
The Indonesian National Police in a joint press conference with Interpol and cybersecurity firm Group-IB earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online shoppers. Group-IB helped Interpol identifying the suspects with its digital forensics expertise and "During the special operation, Indonesian Cyber Police seized laptops, mobile phones of various brands, CPU units, IDs, BCA Token, and ATM cards."
Blue Bear Software, an administration and e-commerce platform for K-12 schools and other educational institutions, is warning its customers that it has suffered a Magecart attack. "This time, the attack targeted an educational accounting software platform that parents use to pay for student fees, books and school supplies," Elad Shapira, head of research at Panorays, said in an emailed statement.
Hunting Magecart with URLscan.io read more
The streaming video and podcast content company was hit by a payment-card attack.