Malwarebytes researchers outlined a new Magecart attack that has been affecting the retailer Costway. Magecart is an umbrella term used to describe several groups of thieves that are focused on attacking e-commerce websites to steal credit card data. While researching a large number of affected websites with the Magento 1 e-skimmer, researchers identified a second threat actor that targeted Costway. The second threat actor designed a skimmer that would siphon the stolen credit card data from the original e-skimmer that was already targeting Costway. Furthermore, the new s-skimmer script is able to identify if the original skimmer script is taken off the website. If this happens, the secondary skimmer then deploys itself on the website as the main skimmer to continue to steal credit card data.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in