Security researchers have identified two seperate Magecart campaigns that target online ordering platforms. The campaigns are designed by the attackers for financial gain and the Magecart e-skimming software possesses the ability to exfiltrate card details. So far, the campaign has affected at least 311 US restaurants by injecting the software into three platforms. The platforms, MenuDrive, HarborTouch, and InTouchPOS, are popular domains that host restaurant websites. Security researchers warn that 50,000 payment cards have already been identified on the dark web as originating from this campaign, and many more may have been exposed.
The first campaign targeted just MenuDrive and Harbortouch. The campaign began around January of this year. The attackers leveraged the domains to attack a large number of partner restaurants using the domain’s services. The malicious skimmer could still be present on some of the websites, researchers noted. Individuals should be wary of the implications of using their card on these sites as the effects of the campaign are not fully mitigated.

Read More: Magecart Supply Chain Attacks Hit Hundreds of Restaurants