MageCart is a generic name for attackers that inject a script that steals customer payment details in eCommerce sites. MageCart Group 12 has claimed 40 new victims through infecting various shopping websites with information-stealing JavaScript. MageCart Group 12 is just one of the threat actors involved in this type of cybercrime. Although the attacks are not overly sophisticated, the groups typically adjust what tactics they utilize as researchers continuously document their modus operandi.
Earlier this month, RiskIQ published a new report in which researchers details the new techniques employed by MageCart Group 12, highlighting the differences between their current and past campaigns. The group’s recent activity includes targeting any vulnerable website they can find, and previously, researchers found nine websites compromised by this particular group and reported them of the issues. However, the warnings fell mostly on deaf ears and RiskIQ identified 40 more websites compromised.
Read More: Credit Card Skimmer Running on 13 Sites, Despite Notification