Payment skimmers are hiding on websites via third party code

Today we will look into the Magecart problem. For the moment we cannot say whether Magecart is a loosely affiliated cybercrime group or just the modus operandi of a few disparate cybercriminals using the same toolkit. Magecart is blamed for several high-profile payment card breaches this summer, including TicketMaster.

Recently Magecart was caught in the middle of an attack that could have affected a large number of companies using the Shopper Approved customer rating plug-in on their websites.
According to researchers, the attackers compromised Shopper Approved's servers and implanted malicious JavaScript into the plug-in that reported to a domain under Magecart's control, so that on every site loading the plug-in it could skim card numbers and other details as customers entered them into payment forms.

This is close to the perfect crime: the skimmer runs as part of a plug-in the host website already trusts, so the site is unlikely to notice the skimming until defrauded customers tell it.
Remember that everything can be hacked. To reduce your exposure, we recommend installing an antivirus for Windows or an antivirus for Mac on every device you own, depending on which OS it runs. Bear in mind, though, that a skimmer injected into a site's own third-party script executes as part of the legitimate page, so endpoint antivirus is a last line of defence rather than a substitute for the site-side controls discussed below. If you are a company, we also recommend hiring a specialized cybersecurity company every year to run tests against your company's network, including penetration testing and ethical hacking.

Luckily, researchers detected the Magecart skimmer in the Shopper Approved code and helped remediate it. The malicious code was removed two days later with minimal damage; according to Shopper Approved, only a very small percentage of its clients were affected.
The incident highlights how large a problem Magecart has become. Magecart was first noticed in 2015, when it targeted smaller sites running Magento.

Because of Magecart, companies are increasingly prohibiting third-party code on sensitive pages such as checkout.
Site owners can also reduce the risk of third-party code with the Content-Security-Policy header and Subresource Integrity validation. The two address different halves of the problem. An SRI integrity hash makes the browser refuse to run a script whose contents differ from the pinned version, which would catch a modification like the one made to the Shopper Approved plug-in; the cost is that it only works for scripts that do not change between releases, because every vendor update breaks the pin. A CSP whose connect-src, form-action and img-src directives are limited to the site's own origin stops a skimmer that does get to run from sending card data to an attacker-controlled domain. Note that a script-src allowlist on its own would not have helped here, since the compromised script was still served from the vendor's legitimate host. Also, don't forget that malicious code can sneak onto websites at build time via supply chain attacks on package repositories.

We will continue to monitor this problem. Meanwhile, users should keep a keen eye out for attacks, and the advice above still applies: run an antivirus on every device you own, and if you are a company, have a specialized cybersecurity firm run penetration tests and ethical hacking exercises against your network every year.