Australia Bushfire Donation Site Suffered MageCart Attack



Researchers recently found a MageCart attack on a donation site set up for the Australia bushfire donation. Although the site itself is legitimate, donors unwittingly fell prey to credit card skimming.

MageCart On Australia Bushfire Donation Site


Researchers from Malwarebytes Labs found an Australia bushfire donation website under a MageCart attack. The incident exposed donors' credit card details to the attackers behind the skimmer.

According to BleepingComputer, the researchers found a legitimate donation collection website for the Australia bushfire under a credit-card skimming attack. They noticed a malicious skimmer script, ‘ATMZOW’, running on the checkout page of the website.

https://twitter.com/MBThreatIntel/status/1215693928764063744

Digging further into the code revealed that the script pilfered donors’ payment information from the checkout page. It then submitted the data to the domain vamberlo.com, which was obfuscated in the script.

According to Troy Mursch, the same script affected 39 other websites as well. However, it isn’t clear whether the script utilized the same domain as that of the bushfire donation site.

https://twitter.com/bad_packets/status/1215726048769273856

Malicious Domain Now Down


Upon noticing the domain containing the malicious script, researchers managed to get the domain vamberlo.com shut down.

The Australia bushfire donation site is now seemingly safe, as are the other affected websites, provided the MageCart code running on them used vamberlo.com as its domain.

However, the malicious script is still running on the infected websites, at least on the bushfire donation site. Therefore, it is possible the attackers may modify the script at any time to run the skimmer again.
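Because shutting down the receiving domain leaves the injected script in place, a site owner can audit the checkout page against a known-good script inventory. The following is an added example, not code from the original post or the researchers; the host names, function names and sample HTML are constructed for illustration.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

class ScriptInventory(HTMLParser):
    """Collect external script hosts and SHA-256 hashes of inline scripts."""
    def __init__(self):
        super().__init__()
        self.external_hosts = []  # hosts taken from <script src=...>
        self.inline_hashes = []   # one digest per inline <script> body
        self._buf = None          # a list while inside an inline script

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external_hosts.append(urlparse(src).netloc.lower())
        else:
            self._buf = []

    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            body = "".join(self._buf).strip()
            self.inline_hashes.append(hashlib.sha256(body.encode()).hexdigest())
            self._buf = None

def inventory(html):
    inv = ScriptInventory()
    inv.feed(html)
    return inv

def audit_checkout(html, allowed_hosts, baseline_hashes):
    """Return (kind, value) findings for scripts outside the approved baseline."""
    inv = inventory(html)
    # An empty host means a same-origin (relative) script and is not flagged here.
    findings = [("unapproved_host", h) for h in inv.external_hosts
                if h and h not in allowed_hosts]
    findings += [("unknown_inline_script", d) for d in inv.inline_hashes
                 if d not in baseline_hashes]
    return findings

# Constructed sample pages: a reviewed checkout page and a copy with injected tags.
CLEAN = '<html><script src="/js/donate.js"></script><script>initForm();</script></html>'
TAMPERED = CLEAN.replace("</html>", '<script src="https://cdn.unknown.example/a.js">'
                         '</script><script>/* injected */ run();</script></html>')
BASELINE = set(inventory(CLEAN).inline_hashes)
if __name__ == "__main__":
    print(audit_checkout(TAMPERED, {"payments.example"}, BASELINE))
```

This check only covers script tags in the served HTML; changes inside an already-approved external file need a separate hash of that file's content.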

Credit card skimming attacks have been infecting various businesses and websites for quite a long time. And now, with the latest infection on a donation website, it is clear that the MageCart attackers don't really care where they make a buck.

Let us know your thoughts in the comments.


Posted from my blog with SteemPress : https://latesthackingnews.com/2020/01/13/australia-bushfire-donation-site-suffered-magecart-attack/


Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://www.digitalmunition.me/australia-bushfire-donation-site-suffered-magecart-attack/