The UK’s National Cyber Security Centre (NCSC) says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal customers’ payment info.

In Magecart attacks (also known as web skimming, digital skimming, or e-Skimming), threat actors inject scripts known as credit card skimmers (aka payment card skimmers or web skimmers) into compromised online stores to harvest and steal the payment and/or personal info submitted by customers at the checkout page.

The attackers will later use this data for various financial and identity theft fraud schemes or sell it to the highest bidder on hacking or carding forums.

Victims urged to keep their software up-to-date

“The National Cyber Security Centre – a part of GCHQ – proactively identified 4,151 compromised online shops up to the end of September and alerted retailers to these security vulnerabilities,” the UK cybersecurity agency said.

“The majority of the online shops used for skimming identified by the NCSC had been compromised via a known vulnerability in Magento, a popular e-commerce platform.”

The NCSC has monitored these shops since April 2020 and issued warnings to site owners and small and medium-sized enterprises (SMEs) after discovering the compromised e-commerce sites via its Active Cyber Defence program.

Impacted online retailers were urged to keep Magento — and any other software they use — up-to-date to block attackers’ attempts to breach their servers and…
