Cybercriminals hacked over 80 sites
Experts from Aite Group and Arxan Technologies have discovered the increased activity of cybercriminals Magecart. They continue to attack online stores in order to steal buyers’ bank card information.
Recently, cybercriminals have compromised over 80 e-commerce sites. Most of these resources were launched on an obsolete version of Magento, vulnerable to skimming techniques.
Among the compromised sites were resources belonging to serious brands.
“100% of the analyzed e-commerce sites were not properly protected from such attacks. It took only two and a half hours to identify 80 hacked resources, ”experts write in the report.
The cybercriminal group used a skimming script that was installed on the pages of hacked online stores. When visiting such a store, the user’s bank card information fell into the hands of criminals. Researchers also concluded that most hacked sites used Magento versions 1.5, 1.7, or 1.9. Vulnerabilities in these versions are known to allow downloading a file or executing code remotely.