Magecart: A new campaign tied to Magecart has been discovered to have compromised 962 e-commerce stores around the world over a 24-hour period. Magecart is a conglomeration of multiple cyber-criminal groups who all utilize the same malware for the purpose of compromising payment systems. While the exact details of how the systems were exploited are currently unknown, it is believed that it possibly stemmed from a vulnerability in the Magento platform, although that has yet to be confirmed. This is the largest number of breaches in such a short period of time to ever take place. It currently appears that the victims were more targets of opportunity rather than part of a targeted attack campaign. It is currently believed that there are seven core groups operating as part of Magecart though.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased