Magecart Card-Skimmer Compromises Multiple Sites

Magecart, a malicious script designed to steal payment information during an online checkout session, recently affected at least eight websites, most notably Forbes Magazine. The majority of incidents began around May 10 and impacted a wide range of targets, suggesting that the threat actors used a “shotgun” technique to compromise as many websites as possible for maximum effectiveness. Forbes was likely subject to a supply chain attack via Picreel – a website analytics service of which Forbes is a customer – which recently experienced a breach. The NJCCIC recommends that users who recently accessed and processed payments through any of the affected websites monitor their financial records, notify their bank of the possible compromise, and consider requesting a new payment card. For more information regarding the technical details and the list of websites compromised, please review the Threatpost article, and for mitigations to protect against supply-chain attacks, view the Help Net Security article and the NJCCIC threat analysis article on supply chain risks.