A Magecart attack is when hackers breach online stores to inject malicious scripts that steal customers’ credit cards and personal information during checkout.
According to Akamai’s researchers monitoring this campaign, it has compromised organizations in the United States, the United Kingdom, Australia, Brazil, Peru, and Estonia.
The cybersecurity firm also points out that many of the victims have not realized they were breached for over a month, which is a testament to the stealthiness of these attacks.
The attackers’ first step is to identify vulnerable legitimate sites and hack them to host their malicious code, using them as C2 servers for their attacks.
By distributing the credit card skimmers using legitimate websites with a good reputation, the threat actors evade detection and blocks and are freed from needing to set up their own infrastructure.
Next, the attackers move to inject a small JavaScript snippet into the target commerce sites that fetches the malicious code from the websites compromised previously.
Full Link ( Here )
© CopyRights RawNews1st
