The recent bushfires in Australia have really hit home, and demonstrated the power mother nature can have.
Now parts of Australia are being hit by torrential rain. Although this has had positive effects with regards to dousing the bush fires, it has unleashed a whole new barrel of chaos on the country.
Harrowing pictures have been broadcast over the world’s media and on social media, and everyone wants to do their bit to help the country recover from one of the world’s worst natural disasters in recent times.
Do-gooders set up a website as a way to raise money to help people in their time of need. Many well-known stars such as Thor actor Chris Hemsworth, Kylie Minogue and actress Margot Robbie leading the way.
In such ‘Magecart’ style attacks, people enter their card details into the payment page. Press complete, then their details are exfiltrated to an external domain which the hackers control.
It’s a tried and tested method that works well, and can bag the cyber criminal a quick buck.
In this incident, the malicious script in question was identified as “ATMZOW” and the known bad domain it exfiltrated data to was spotted as vamberlo[.]com.
Deepak Patel, Security Evangelist at PerimeterX, didn’t condone the abhorrent depths this Magecart attack sunk to. He said:
“Given the lack of visibility into such client-side attacks, the website owners often find out about the data breach days or weeks after the code injection. This extended time allows skimmers to monetize the stolen cards to the fullest extent.
“Any site that process user PSS and accepts payments should take steps to shore up their application security by tracking and monitoring first – and third-party code execution on their sites in real time.”
Last year RiskIQ claimed to have identified over two million Magecart detections, demonstrating the increased popularity in this tactic with cyber criminals.