Researchers with Netlab 360 have uncovered a new credit card skimming campaign affecting over 100 e-commerce websites, 6 of which are among the Alexa Top one million websites.
For over 5 months, threat actors have been injecting malicious code into legitimate websites, enabling them to steal credit card data such as the names of card holders, card numbers, expiration dates, and CVV numbers. The campaign resembles a Magecart attack. Magecart is an umbrella term for various criminal groups that attack e-commerce websites with the aim of injecting them with card skimming malware.
Read more: Researchers expose mass credit card stealing campaign