A criminal Magecart gang successfully compromised hundreds of e-commerce websites via a malicious script that silently harvested personal data and payment card information as customers bought goods and services online.
According to researchers at Trend Micro and Risk IQ, websites affected by the breach at Adverline included ticketing, travel and flight booking services as well as online stores selling cosmetic, healthcare and apparel products.
Your company may have security in place to prevent hackers from successfully breaking into your systems. But with a Magecart-style attack, they haven’t directly compromised your IT infrastructure. Instead, they have poisoned a third-party script used by your website. It’s equivalent to poisoning a water supply upstream from where it’s being drunk.
Furthermore, the exploitation of the Adverline ad network underlines a tactic often seen in Magecart attacks. Criminals will take advantage of the fact that a typical website’s security team is more likely to be fully-staffed during the working week and left less well-defended at other times. Often exploitation appears to take place at weekends or — in this case — between January 1st and January 5th, (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/featured/magecart-hundreds-websites-supply-chain-hijack/