Many readers will already be familiar with MageCart, a hacker group known for using specific techniques to steal sensitive information from users worldwide. Recently, however, another group of cyber criminals has been found using the exact same method to steal credentials from people shopping online. According to reports, more than 105 online shops were found to include the malicious script used to leak financial data.
The worst part is that these scripts launch on specific websites and steal sensitive credit card information right away. The data includes the card owner's first and last name, the card number, CVV code, expiration date, and various details relating to payment transactions that have already been made.
The commonly-known Magento e-commerce platform has nothing to do with the malicious activity
The domain www.magento-analytics.com has nothing to do with the well-known Magento e-commerce organization, even though the affected pages run on the company's software. The name is only a trick the hackers use to convince users that the domain is legitimate when it is in fact fake and malicious. While users remain confused, the bad actors carry out their activities without showing any sign.
The domain is registered in Panama, but researchers have also discovered that its IP address has recently moved between different locations, spanning several countries and cities: Arizona in the United States, then Moscow in Russia, and finally Hong Kong in China.
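For shop operators, one way to check a page's HTML for scripts that load from or reference the domain described above. This is an added example, not code from the original article or from the researchers it cites; the sample page, its file names, and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

REPORTED_DOMAIN = "magento-analytics.com"  # domain named in the article

# Constructed sample page (file names are placeholders, not real indicators).
SAMPLE_PAGE = """
<script src="/static/js/checkout.js"></script>
<script src="//WWW.Magento-Analytics.com/placeholder.js"></script>
<script src="https://magento-analytics.com.example.org/lib.js"></script>
<script>var s=document.createElement('script');
s.src='https://www.magento-analytics.com/placeholder.js';</script>
"""

class ScriptCollector(HTMLParser):
    """Collects external script URLs and inline script bodies from a page."""
    def __init__(self):
        super().__init__()
        self.external, self.inline = [], []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.external.append(src.strip())
            else:  # inline script: start capturing its body
                self._in_script = True
                self.inline.append("")

    def handle_data(self, data):
        if self._in_script:
            self.inline[-1] += data

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

def host_matches(url, domain=REPORTED_DOMAIN):
    # urlparse handles absolute and protocol-relative ("//host/x.js") URLs.
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def find_skimmer_references(html):
    """Return (kind, evidence) tuples for scripts tied to the reported domain."""
    parser = ScriptCollector()
    parser.feed(html)
    findings = [("external-script", s) for s in parser.external if host_matches(s)]
    findings += [("inline-reference", b.strip()[:60])
                 for b in parser.inline if REPORTED_DOMAIN in b.lower()]
    return findings
```

Matching on the parsed hostname rather than a substring of the URL keeps a look-alike such as `magento-analytics.com.example.org` from being reported as the same host, while the inline check catches scripts that inject the tag at runtime.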
Know what shopping websites you MUST avoid
Security experts have not yet been able to detect all of the pages containing the malicious code, so reports of previously unreported Magento pages affected by the attack may increase in the future.
All users of Magento-based e-commerce services need to be careful when logging in to their accounts and making payments. Experts recommend that all customers regularly check their payment information and make sure that no suspicious payments have been confirmed.
In addition, it is advisable to install all needed updates and take any recommended precautionary measures the organization may release, as this should decrease the risk. To guard against possible future attempts, all users need to make sure that their passwords are strong enough that they cannot be guessed easily. Multifactor authentication is also a very good strategy to use in such cases.