Entire world is familiar with Australian Bush fire, which has burned an estimate of 46 million acres. One billion animals were killed in this tragedy. People around the world are helping Australia to speed up relief process. And then, there are cyber criminals using this tragedy to exploit people who are helping by donating money.
Hackers attacked websites that were created to raise funds for victims, by injecting malicious JavaScript into the e-commerce checkout pages and donation sites.
This attack is known as Magecart. Malicious scripts are used to steal credit card information submitted by card holder and sent to another websites, which are controlled by cybercriminals or hackers. As there is a lack of visibility, website owners find out about the breach weeks after the code injection, giving attackers time to exploit the stolen card.
Magecart attack is targeting e-commerce and donation sites by injecting the malicious credit card skimmer script called ATMZOW into the site carts. Once the card holder enters the credit card details and other personal information, it is sent to the domain which is controlled by the hackers.
Law enforcement have shut down the compromised sites. But as the malicious code is still active on the websites, hackers can modify the site and once again start to collect payment from the donors.
Sites accepting payments and handling users’ PII (Personally identifiable information) must monitor first- and third-party code execution on their sites in real time to strengthen application security.