Magecart Card Skimmer found on Forbes Magazine Subscription Website


Security researchers discovered Magecart skimming malware on the Forbes magazine subscription website.

The malicious code was spotted by security researcher Troy Mursch, co-founder of Bad Packets, on May 15.

In Magecart attacks, attackers inject malicious JavaScript into a website's checkout page. The code collects all the data entered by the user and sends it to a remote server controlled by the attacker.

Attackers injected obfuscated JavaScript into the HTML code of the payment section. The deobfuscated Magecart script can be found here.

The script steals users' card numbers, expiry dates, CVV/CVC verification codes, names, addresses, phone numbers and email addresses.

The payment page was taken down at around 1400 UTC May 16 and is still offline.

A Forbes spokesperson told El Reg that the investigation is still ongoing and that there is still no evidence that any user's card information was stolen.

They also advised recent subscribers to be aware and check their account transactions for any fraudulent activities.

According to reports, Forbes may be a victim of the recent supply chain attack.

Earlier this week, security researcher Willem de Groot reported that hackers compromised the open source Alpaca Forms and the analytics service Picreel and infected over 4,600 websites with malicious code.

Forbes is one of Picreel's customers, and more than 1200 records of Picreel customers were leaked online. Hackers may have used the leaked data to inject the skimmer script into the Forbes website.
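A defender's check for the two routes described in this article, an obfuscated inline script in the payment page and a compromised third-party script, is sketched below as an added example that is not from the article, Forbes or the researchers. It assumes the site keeps an allowlist of script hosts and stamps its own inline scripts with a per-response nonce; the function names, hostnames and sample HTML are constructed.

```javascript
// Added example (not from the article): audit the <script> tags of a checkout page.
// Hostnames, nonce and HTML are constructed sample values.
const SCRIPT_TAG = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;

function attr(attrs, name) {
  const re = new RegExp(`(?:^|\\s)${name}\\s*=\\s*(?:"([^"]*)"|'([^']*)'|([^\\s>]+))`, 'i');
  const m = re.exec(attrs);
  return m ? (m[1] ?? m[2] ?? m[3]) : null;
}

function auditCheckoutScripts(html, pageUrl, policy) {
  const pageHost = new URL(pageUrl).host;
  const findings = [];
  for (const [, attrs, body] of html.matchAll(SCRIPT_TAG)) {
    const src = attr(attrs, 'src');
    if (src === null) {
      // Inline code: only tags carrying this response's nonce came from the server template.
      if (body.trim() && attr(attrs, 'nonce') !== policy.nonce) {
        findings.push({ kind: 'inline-without-nonce', detail: body.trim().slice(0, 40) });
      }
      continue;
    }
    const host = new URL(src, pageUrl).host; // resolves relative and //host URLs
    if (host === pageHost) continue;         // first-party file
    if (!policy.allowedHosts.includes(host)) {
      findings.push({ kind: 'unlisted-host', detail: host });
    } else if (!attr(attrs, 'integrity')) {
      // Approved vendor, but nothing pins the file's content if the vendor is compromised.
      findings.push({ kind: 'third-party-without-sri', detail: host });
    }
  }
  return findings;
}

// Constructed sample checkout page and policy.
const SAMPLE_URL = 'https://shop.example/checkout';
const SAMPLE_POLICY = { nonce: 'r4nd0m', allowedHosts: ['cdn.vendor.example', 'widgets.example'] };
const SAMPLE_HTML = `
<script src="/static/checkout.js"></script>
<script nonce="r4nd0m">initCheckout();</script>
<script src="https://cdn.vendor.example/lib.js" integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="https://widgets.example/popup.js"></script>
<script>var _0x1a=["\\x66\\x6f\\x72\\x6d"];</script>
<script src="//collector.example/a.js"></script>`;

console.log(auditCheckoutScripts(SAMPLE_HTML, SAMPLE_URL, SAMPLE_POLICY));
```

The regular expression is enough for this sample; a real page should be read with an HTML parser or audited from the rendered DOM, since scripts can also be added at runtime.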

Forbes is the latest victim of the Magecart campaign. Earlier, several major companies such as British Airways, Ticketmaster, Feedify, Newegg, MyPillow and Amerisleep were hit with Magecart infections.
