Forbes hit by Magecart payment card skimming attack

The threat actors behind the Magecart payment card skimming attacks have claimed another high-profile victim. According to researchers and public communications from the financial website Forbes; a Magecart attack occurred on May 15. The attack was first noticed by the founder of Bad Pockets Report and security researcher Troy Mursch. In a tweet, Mursch detailed the discovery of the Magecart attack while simultaneously contacting Forbes.

As reported in an interview that Mursch did with Kaspersky Lab’s Threatpost, the researcher uncovered a script linked to Magecart on Forbes’ subscription page (which is forbesmagazine.com and is different from the main online page forbes.com). The goal of the threat actors was to steal the payment data from any individual signing up for membership to the magazine. The page was then taken down by Forbes but is back up after being repaired by third-party security professionals trained in incident response.

According to Forbes, the company is “fairly confident” that nobody was affected by the Magecart skimmer. Troy Mursch is not quite as convinced as Forbes, however, as a recent tweet stated that “If you made a purchase on the site while it was compromised, your credit-card information was likely stolen.” To be on the safe side, every person that did business with Forbes should check their payment statements for suspicious activity. It is advisable to continue monitoring your account, for some time into the future, as payment data is passed around on the Dark Web for months to come.

Magecart seems unstoppable at this point in the sense that it keeps infecting well-known targets. While incident response teams are able to handle the malicious code once it’s detected, there still is no concrete method of preventing the infection in the first place. Sure, there are steps like securing your first-party code and mitigating third-party risk, but these are not foolproof. In all honesty this is going to be a major headache for security experts as time goes on.

Unfortunately, Magecart is just getting started.

Featured image: Forbes

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

IFA 2019: All the top smartphone announcements and unveilings

IFA 2019, this year’s version of the annual consumer electronics trade show, did not disappoint. Is one of these smartphones…

10 hours ago

Outlook connectivity: Troubleshooting and solving common issues

IT professionals all dread getting this fevered message from employees and clients: “I’m having Outlook connectivity issues!” Here’s what you…

15 hours ago

Using tags with Azure runbook automation to control your costs

Here’s a script designed to start and stop virtual machines based on tags associated at the resource group level. It…

18 hours ago

Software-defined perimeter solutions: Why this is the future of security

Traditional VPNs are showing their age in the modern cloud-powered workplace. That’s why software-defined perimeter solutions are in your future.

3 days ago

Why you need to check your virtualization host’s NUMA configuration

Should you disallow NUMA spanning in your Hyper-V architecture? There are two sides to this story, and you’ll get both…

4 days ago

Getting started with Visual Studio Code and integrating with Azure DevOps

Coding may not be the No. 1 job duty for cloud admins, but it is often a part of the…

4 days ago