The threat actors behind the Magecart payment card skimming attacks have claimed another high-profile victim. According to researchers and public communications from the financial website Forbes; a Magecart attack occurred on May 15. The attack was first noticed by the founder of Bad Pockets Report and security researcher Troy Mursch. In a tweet, Mursch detailed the discovery of the Magecart attack while simultaneously contacting Forbes.
As reported in an interview that Mursch did with Kaspersky Lab’s Threatpost, the researcher uncovered a script linked to Magecart on Forbes’ subscription page (which is forbesmagazine.com and is different from the main online page forbes.com). The goal of the threat actors was to steal the payment data from any individual signing up for membership to the magazine. The page was then taken down by Forbes but is back up after being repaired by third-party security professionals trained in incident response.
According to Forbes, the company is “fairly confident” that nobody was affected by the Magecart skimmer. Troy Mursch is not quite as convinced as Forbes, however, as a recent tweet stated that “If you made a purchase on the site while it was compromised, your credit-card information was likely stolen.” To be on the safe side, every person that did business with Forbes should check their payment statements for suspicious activity. It is advisable to continue monitoring your account, for some time into the future, as payment data is passed around on the Dark Web for months to come.
Magecart seems unstoppable at this point in the sense that it keeps infecting well-known targets. While incident response teams are able to handle the malicious code once it’s detected, there still is no concrete method of preventing the infection in the first place. Sure, there are steps like securing your first-party code and mitigating third-party risk, but these are not foolproof. In all honesty this is going to be a major headache for security experts as time goes on.
Unfortunately, Magecart is just getting started.
Featured image: Forbes