Website Collecting Australian Fire Donations Hit by Magecart
A website gathering donations to support the victims of the horrific wildfires in Australia has been attacked by a credential skimming malware, placing thousands of donors at risk. The hack may have compromised donors’ payment information.
The attack was carried out using Magecart malware injected into the ATMZOW skimmer on the charity’s website code, which in turn grabbed payment information and forwarded it to a third party destination. MalwareBytes discovered the compromise and took the destination server offline, but the skimmer code remains on the site.