Forbes hit by Magecart payment card skimming attack

The threat actors behind the Magecart payment card skimming attacks have claimed another high-profile victim. According to researchers and public communications from the financial website Forbes; a Magecart attack occurred on May 15. The attack was first noticed by the founder of Bad Pockets Report and security researcher Troy Mursch. In a tweet, Mursch detailed the discovery of the Magecart attack while simultaneously contacting Forbes.

As reported in an interview that Mursch did with Kaspersky Lab’s Threatpost, the researcher uncovered a script linked to Magecart on Forbes’ subscription page (which is forbesmagazine.com and is different from the main online page forbes.com). The goal of the threat actors was to steal the payment data from any individual signing up for membership to the magazine. The page was then taken down by Forbes but is back up after being repaired by third-party security professionals trained in incident response.

According to Forbes, the company is “fairly confident” that nobody was affected by the Magecart skimmer. Troy Mursch is not quite as convinced as Forbes, however, as a recent tweet stated that “If you made a purchase on the site while it was compromised, your credit-card information was likely stolen.” To be on the safe side, every person that did business with Forbes should check their payment statements for suspicious activity. It is advisable to continue monitoring your account, for some time into the future, as payment data is passed around on the Dark Web for months to come.

Magecart seems unstoppable at this point in the sense that it keeps infecting well-known targets. While incident response teams are able to handle the malicious code once it’s detected, there still is no concrete method of preventing the infection in the first place. Sure, there are steps like securing your first-party code and mitigating third-party risk, but these are not foolproof. In all honesty this is going to be a major headache for security experts as time goes on.

Unfortunately, Magecart is just getting started.

Featured image: Forbes

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

Facebook creating deep fakes — and for genuinely good reasons

Deep fakes are a catastrophe waiting to happen. Facebook’s attempt to create a tool that differentiates between real and fake…

2 days ago

Microsoft Intune gets a new streamlined user experience

Microsoft Intune is getting a bunch of new updates that will streamline the administration experience for users of the popular…

2 days ago

SD-WAN: Is this going to be your network of the future?

As businesses evolve into a SaaS/IaaS model for accessing applications, new network technology is crucial. SD-WAN is just such a…

2 days ago

Monitoring Exchange and the rest of your network to avert disasters

What you don’t know about Exchange and your network can come back to bite you. Monitoring Exchange is one way…

3 days ago

Quick tip: Removing warning messages from Azure cmdlets

Warnings are nice, except when they are annoying and unnecessary. Here’s a tip to show you how to remove warning…

3 days ago

Is the Group Policy Central Store still relevant in the age of Windows 10?

Having a Group Policy Central Store in Active Directory made life easier for administrators. But does it still work in…

3 days ago