logo
logo

Ticketmaster breach 'part of massive card-skimming campaign

avatar
Kay Pry
Jul 12, 2018 06:32
img

Threat intel firm RiskIQ reckons the hacking group Magecart hit Ticketmaster only as part of a massive credit card card hacking campaign affecting more than 800 e-commerce sites.

Magecart has evolved tactically from hacking sites directly, to targeting widely used third-party software components.

According to RiskIQ researchers, Magecart likely breached the systems of Inbenta and SociaPlus, both third-party suppliers integrated with Ticketmaster websites, and added to or replaced custom JavaScript modules with their digital credit card skimmer code.

Malicious scripts injected into e-commerce websites can record the credit card data unwitting customers enter into online payment form before uploading the data to a server controlled by crooks.

Magecart is well-known to RiskIQ, which has been tracking the group's mendacious activities since 2015.

The group's credit card skimming attacks have been continuously ramping up in frequency, sophistication, and impact for years, according to the threat intel firm.

collect
0
avatar
Kay Pry
Jul 12, 2018 06:32
guide
Zupyak is a free content platform for publishing and discovering stories, software and startups.