The Magecart group is back, the hackers this time compromised injected a skimmers script into the Forbes magazine subscription website.
The expert immediately attempted to report his discovery to Forbes via email, but without success.
The payment page was taken down at around 1400 UTC and it is still offline at the time of writing.
A Forbes spokesperson told El Reg that is investigating the incident and that at this stage, it is not aware of the theft of any customers’ credit card information. Recent subscribers should remain vigilant and check their credit card statements for signs of fraudulent activities.
Forbes was likely a victim of a supply chain attack, Magecart hackers have compromised a company that provides services to the media outlet.
During the weekend, the forensic expert Willem de Groot discovered that the records of customers of Picreel, a web marketing software supplier, had been leaked online.
Forbes is one of the customers of Picreel, and Magecart hackers used the leaked data to access Forbes infrastructure and install the skimmer script.
“Last weekend, security researchers surfaced new supply-chain attacks involving Magecart web-skimmers placed on several web-based suppliers, including AdMaxim,
Thousands of other companies that are customers at Picreel are at risk, potentially affected domains are listed here.
Security firms have monitored the activities of a dozen Magecart groups at least since 2015. The gangs use to implant skimming script into compromised online stores in order to steal payment card data, but they are quite different from each other.
According to a joint report published by RiskIQ and FlashPoint in March, some groups are more advanced than others. The list of victims of Magecart groups is long and includes several major platforms such as British Airways, Newegg, Ticketmaster, and Feedify.
Recently the Magecart group stole payment card details from the e-commerce system used by colleges and universities in Canada and the US.