While sneakers are becoming even more popular, the number of sites offering counterfeit sneakers is rapidly increasing and crooks want to monetize this trend by compromising them.
Researchers at Malwarebytes reported that hackers are now targeting these sites to plant malicious Magecart scripts designed to steal buyers’ credit card information.
“We recently identified a credit card skimmer injected into hundreds of fraudulent sites selling brand name shoes. Unfortunate shoppers may not only be disappointed with the faux merchandise, but they will also relinquish their personal and financial data to Magecart fraudsters.” reads the post published by Malwarebytes.
The experts uncovered a large-scale hacking operation that is targeting these counterfeit sneaker sites, many of which are still online.
The Magecart skimmer code was appended to
The massive campaign compromised e-commerce sites having similar templates, and running upon outdated versions of Magento (under 220.127.116.11) and PHP under 5.6.40. Experts also noticed that all of them were located on a small number of IP address subnets.
The attackers likely used a malicious scanner against crawled IP ranges and used the same vulnerability to compromise each online store offering counterfeit products.
The full list of the compromised stores, along with Indicators of Compromise (IoC) are available on the analysis published by Malwarebytes.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.