Magecart has compromised over 17,000 sites through unprotected Amazon S3 servers.

Magecart has compromised over 17,000 sites through unprotected Amazon S3 servers.

By default, there is no picture in this Topic

[ad_1]

Incorrectly configured Amazon S3 buckets allowed attackers to inject malicious code at the end of each JavaScript file.

One of the groups Magecart introduced a skimming script on more than 17 thousand sites, some of which are on the Alexa Top 2,000 list.

Magecart is a term that unites several cybercriminal groups that specialize in implementing scripts to steal bank card data in payment forms on websites.

According to the new RiskIQ report, criminals scanned the Internet for incorrectly configured Amazon S3 buckets, which allowed anyone to view and edit the files contained in it. When such a bake was found, the attackers searched for JavaScript files and injected a skimming code at the end of each file.

According to experts, the campaign began in April 2019. Cybercriminals changed their approach and instead of targeted attacks decided to cover as many sites as possible. Even if the skimming code hits only a few sites with payment forms, the attack will still benefit the criminals.

This is the second Magecart attack in the last two weeks. Previously, experts from Sanguine Security uncovered a malicious campaign in which attackers successfully hacked 962 e-commerce sites. A malicious Java script was found on all websites to steal bank data.

.

[ad_2]
Securitylab.ru
Source link

TAGS
Share This