BankInfoSecurity
Compliance
@prajeetspeaks) • May 18, 2021 Get Permission
Magecart Group 12, known for skimming payment cards from e-commerce websites using JavaScript skimmers, is using an updated attack technique to gain remote administrative access to sites that run an older version of Adobe s Magento software, according to an analysis by Malwarebytes Labs’ Threat Intelligence Team.
The latest incarnation of an umbrella group of least seven distinct cybercriminal groups, Magecart Group 12, which was involved in another hacking spree last fall, is using an updated technique that uses PHP web shells, known as Smilodon or Megalodon, Malwarebytes says. The web shells dynamically load JavaScript skimming code via server-side requests into online stores to stay undetected by client-side security tools so they can then steal payment information.