A new MageCart attack made the headlines, crooks installed a software skimmer on a website that collects donations for the victims of the Australia bushfires.
Experts from Malwarebytes have discovered a new Magecart attack that compromised a website collecting donations for the victims of the Australia bushfires.
Crooks planted a malicious script on the website that was designed to steal the payment information of the donors and send them to a domain under the control of the attackers.
The software skimmer named ATMZOW was planted in the checkout page and is executed when visitors of the site adds an item to their cart.
Stolen credit card data are sent to the vamberlo[.]com domain.
“Malwarebytes’ Jérôme Segura has told BleepingComputer that once they became aware of the compromised site they were able to get the vamberlo[.]com shut down.” states the post published by Bleeping Computer.
The malicious domain used by the attackers was shut down, this means that the software skimmer is not able to send the stolen credit card data to the attackers, but we cannot exclude that attackers could use a different domain. The only way to secure the website is to remove the software skimmer, but the malicious code has yet to be removed.
Malwarebytes attempted to contact the owner of the website without success.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.