Magecart group, which is well-known for carrying out credit card skimming attacks has now targeted OpenCart-based online stores. Yonathan Klijnsma of RiskIQ reported on this latest string of attacks carried out by the group.
According to the researcher, Group 12 of Magecart was found deploying skimmers on OpenCart sites similar to the ones used to target Magento-based sites. Furthermore, it made use of a domain name called ‘batbing[.]com’ in the exploits.
How was the attack executed?
Activities of Group 12
Unpatched platforms are the major issue
In his blog, Klijnsma emphasized that the reason for such attacks. “Major online stores running these platforms are usually victimized when a platform-wide vulnerability comes out that requires immediate patching. But the majority of outdated platforms run on smaller, mostly unknown stores. Attackers target plugins installed on these platforms, which are often vulnerable because their developers write code for functionality over security,” Klijnsma wrote.