Magecart Attack Spreads Rapidly

Card skimmer Magecart has been extremely active already for a few months, infecting e-Commerce sites and harvesting client data. However, after breaching popular provider of cloud-hosted stores Volusion, the infection spread to more than 6,500 online stores, and in the worst case may even reach 20,000 (all client stores of Volusion).

The group responsible for Magecart has gained access to Volusion's Google Cloud infrastructure - then injected a malicious code into Volusion's JavaScript library to log card details entered into online forms. The malicious code was then delivered to all client stores.

The skimmer copies all the information from the payment form: the victim’s name, address, phone number, email address, and credit card details - the number, cardholder name, expiration month and year, as well as CVV number.

Author image

About Ariadna Pawluk

Cybersecurity enthusiast, hunting all the freshest news, insights and tidbits.