Automated Magecart Campaign Hits Over 960 Breached Stores
Over the weekend, Sanguine Security discovered an automated Magecart campaign that managed to inject 962 e-commerce stores with payment card skimming malware within a 24-hour timeframe. Magecart is an umbrella term for various criminal groups that attack web shops with the aim of injecting them with this kind of malware.
The campaign likely scanned the web for domains containing specific vulnerabilities, although the researchers haven’t yet confirmed which flaw(s) were targeted. Most of the compromised e-commerce stores were relatively small, but various enterprise websites were breached as well.