Home Security European Skin Care Perricone Websites Suffered MageCart Attacks

European Skin Care Perricone Websites Suffered MageCart Attacks

by ethhack

Furthering the list of MageCart victims, now emerges a European skincare brand. It turns out that multiple Perricone websites suffered MageCart attacks with at least one becoming a victim of the breach.

MageCart Attacks On Perricone Websites

Reportedly, the European skincare brand Perricone has become the latest victim of card-data theft. According to the researchers, the UK, Italy and German websites of Perricone brand suffered separate MageCart attacks over the year.

While the attacks took place on all three websites, evidence revealed that the MageCart successfully stole data from only one site. In fact, since there were two different MageCart groups behind the attacks, it seems only one of them actually succeeded.

Elaborating their findings in a blog post, Sam Jenkins of RapidSpike revealed that the first attack happened in November 2018. However, owing to a mistake in the code, the skimmer failed to load from the malicious MageCart domain (js-react.com).

Whereas, in November 2019, a second hacking attack targeted Perricone websites, this time being successful. In this attack, they not only registered a similar malicious domain (perriconemd.me.uk) but also limited the skimmer to load on the check-out page only.

However, scratching the surface let the researchers find out numerous other domains registered on the same server that was found involved in Perricone attacks.

No Fix From Perricone Yet

RapidSpike observed that the attacks might have taken place by exploiting vulnerabilities in the Magento platform backing the Perricone websites.

Upon finding the presence of malicious codes, RapidSpike informed Perricone MD of the attacks. They also collaborated with them for responsible disclosure.

However, according to Bleeping Computer, the malicious codes are still present on the websites, though, might not be working for some customers.

Therefore, the customers who have made online purchases with the brand should keep an eye on their payment card transactions.

Let us know your thoughts in the comments.

The following two tabs change content below.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Source link

Related Articles

Leave a Comment