TrueFire Guitar Teaching Website Fell Victim to Magecart-Style Attack - Binary Defense

Threat Watch

Threat Watch TrueFire Guitar Teaching Website Fell Victim to Magecart-Style Attack

TrueFire Guitar Teaching Website Fell Victim to Magecart-Style Attack

Magecart: TrueFire, which is an online tutoring website that teaches guitar, has alerted its customers that their data was exposed to unauthorized parties. TrueFire stated that they do not store credit card information on their website, but threat actors managed to steal credit card information as it was entered by customers completing the checkout process. Magecart attacks work by injecting malicious code into a compromised website in the form of an e-skimmer that allows the threat actors to steal card numbers even if the website does not store the information. Technical details of the attack were not shared by the company other than the fact that the attack was noticed on January 10^th, 2020 and stopped on January 14^th. However, it appeared to have been stealing credit card numbers since August 3^rd, 2019.

ANALYST NOTES

Magecart attacks are relatively common because of the growing amount of online shopping and other websites that accept credit card payments. Website operators should closely monitor the JavaScript code used by their online checkout system, including any third-party code, for changes that could indicate an e-skimmer has been planted. Monitoring web servers for unauthorized access and unusual patterns of behavior can also alert website owners of a potential attack. Any customers who made purchases from the website between August 3rd, 2019 and January 14th, 2020 should be on the lookout for any fraudulent charges on their credit card. The use of virtual, one-time-use credit cards for online shopping can help victims avoid any fraudulent credit card charges, even if the card number is stolen from an online purchase. To read more visit: https://securityaffairs.co/wordpress/99875/hacking/truefire-magecart-attack.html