Sanguine Security Labs uncovered that a large-scale Magecart campaign breached almost 962 e-commerce stores in just 24 hours.
“Our crawlers detected 962 breached stores last night. It is the largest automated campaign to date (previously: MGCore with 700 stores),” Sanguine Security Labs tweeted.
Automated attack campaign
This Magecart campaign is an automated attack campaign that breached over 962 e-commerce stores and successfully stole customers’ payment card details in just 24 hours time-frame.
“This is the largest number of breaches [of] stores over a 24-hour period, which implies that their operation is highly automated. Victims are from all over the world, so were likely chosen opportunistically,” Willem de Groot told Computer Business Review.
“I am still waiting for logs to accurately say how they got compromised, but at first glance it appears to be a PHP object injection exploit for an existing vulnerability,” he added.
Yet another Magecart attack
Security researcher Micham uncovered another Magecart attack, wherein attackers injected a malicious skimmer within the site of The Guardian via old AWS S3 bucket and using wix-cloud[.]com as a skimmer gate.