Magecart: TrueFire, which is an online tutoring website that teaches guitar, has alerted its customers that their data was exposed to unauthorized parties. TrueFire stated that they do not store credit card information on their website, but threat actors managed to steal credit card information as it was entered by customers completing the checkout process. Magecart attacks work by injecting malicious code into a compromised website in the form of an e-skimmer that allows the threat actors to steal card numbers even if the website does not store the information. Technical details of the attack were not shared by the company other than the fact that the attack was noticed on January 10th, 2020 and stopped on January 14th. However, it appeared to have been stealing credit card numbers since August 3rd, 2019.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is