Magecart has compromised over 17,000 sites through unprotected Amazon S3 servers.
One of the groups Magecart introduced a skimming script on more than 17 thousand sites, some of which are on the Alexa Top 2,000 list.
Magecart is a term that unites several cybercriminal groups that specialize in implementing scripts to steal bank card data in payment forms on websites.
According to experts, the campaign began in April 2019. Cybercriminals changed their approach and instead of targeted attacks decided to cover as many sites as possible. Even if the skimming code hits only a few sites with payment forms, the attack will still benefit the criminals.
This is the second Magecart attack in the last two weeks. Previously, experts from Sanguine Security uncovered a malicious campaign in which attackers successfully hacked 962 e-commerce sites. A malicious Java script was found on all websites to steal bank data.