Security News

Sucuri researcher Ben Martin recently investigated a skimmer attack lodged against a WooCommerce site and found that it differs from prior payment-card campaigns that have targeted WordPress-based e-commerce destinations - in that the malware doesn't just intercept payment information entered into the fields on a check-out page. Forwarding payments to the attacker's PayPal email instead of the legitimate website owner. Seeing a dedicated credit card swiping malware within WordPress is something fairly new."

A Magecart threat actor tracked as "Group 7" has been using a skimmer that creates iframes to steal payment card data, RiskIQ reveals. In some cases, the compromised websites were abused to host the skimming code, load the code on compromised websites, and exfiltrate stolen data.

Cybersecurity researchers today uncovered an ongoing new Magecart skimmer campaign that so far has successfully compromised at least 19 different e-commerce websites to steal payment card details of their customers. MakeFrame attacks have been attributed to Magecart Group 7 for its approach of using the compromised sites to host the skimming code, load the skimmer on other compromised websites, and siphon off the stolen data.

Researchers have observed a new skimmer from the prolific Magecart Group that has been actively harvesting payment-card data from 19 different victim websites, mainly belonging to small- and medium-sized businesses, for several months. "In some cases, we've seen MakeFrame using compromised sites for all three of its functions - hosting the skimming code itself, loading the skimmer on other compromised websites and exfiltrating the stolen data," Herman and Ihm wrote.

People who made purchases from the official Tupperware website over the past couple of weeks may have had their payment card information stolen, cybersecurity firm Malwarebytes warned on Wednesday. The credit card skimmer was planted on the main website and some of its localized versions, Malwarebytes said.

Infosec firm Malwarebytes, which made the discovery, has gone public with its findings today after alleging Tupperware ignored attempts to alert it and to get the malware removed from its payment processing pages. "On March 20, Malwarebytes identified a targeted cyberattack against household brand Tupperware and its associated websites that is still active today. We attempted to alert Tupperware immediately after our discovery, but none of our calls or emails were answered," said Malwarebyes in a statement.

Concerned global citizens making donations to help fight the massive Australia bushfires have been caught up in a Magecart attack, after one of the groups implanted a payment-card skimmer on the check-out page of a legitimate online donation site. Researchers ran across the Magecart script, named "ATMZOW" after one of the strings in the code, stealing form data from the checkout page of the site.

A researcher has found two new methods that payment card number thieves are using to try to stay under the radar. The attackers are sometimes referred to as Magecart, a name for a slew of groups that steal payment card numbers.

Magecart started as the name given to a single criminal gang operating a software skimming attack targeting payment card data on web sites. The process proved so successful that other gangs began...

Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week I'd never heard...