Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Massive Magecart campaign targets sites offering counterfeit sneakers

Crooks are targeting these hundreds of sites offering counterfeit sneakers to install malicious Magecart scripts and steal payment credit card data. While sneakers are becoming even more popular, the number of sites offering counterfeit sneakers is rapidly increasing and crooks want to monetize this trend by compromising them. Researchers at Malwarebytes reported that hackers are […]

counterfeit sneaker sites

Crooks are targeting these hundreds of sites offering counterfeit sneakers to install malicious Magecart scripts and steal payment credit card data.

While sneakers are becoming even more popular, the number of sites offering counterfeit sneakers is rapidly increasing and crooks want to monetize this trend by compromising them.

Researchers at Malwarebytes reported that hackers are now targeting these sites to plant malicious Magecart scripts designed to steal buyers’ credit card information.

“We recently identified a credit card skimmer injected into hundreds of fraudulent sites selling brand name shoes. Unfortunate shoppers may not only be disappointed with the faux merchandise, but they will also relinquish their personal and financial data to Magecart fraudsters.” reads the post published by Malwarebytes.

The experts uncovered a large-scale hacking operation that is targeting these counterfeit sneaker sites, many of which are still online.

The Magecart skimmer code was appended to an obfuscated JavaScript file called translate.js in the checkout page.

The JavaScript captures shoppers’ credit card data and sends them to a server located in China having the IP address 103.139.113[.]34.

The massive campaign compromised e-commerce sites having similar templates, and running upon outdated versions of Magento (under 1.9.4.2) and PHP under 5.6.40. Experts also noticed that all of them were located on a small number of IP address subnets.

The attackers likely used a malicious scanner against crawled IP ranges and used the same vulnerability to compromise each online store offering counterfeit products.

The full list of the compromised stores, along with Indicators of Compromise (IoC) are available on the analysis published by Malwarebytes.

counterfeit sites pose a double threat, not only from obtaining illicit goods but also getting robbed of data by a different group of criminals.” concludes the post.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – counterfeit sneaker sites, Magecart)

[adrotate banner=”5″]

[adrotate banner=”13″]