Australian bushfire donation site hit by data stealing malware

Wildfire - Featured image

A website set up to collect donations for victims of Australia’s bushfires has fallen victim to a credit card skimming attack. 

Researchers at Malwarebytes reported in a Twitter post that Magecart groups infected the site by implanting a card-skimming script on the checkout page of the website to steal the payment information of the donors. 

The stolen information included the names and numbers on the cards, expiry dates, CVV codes and home addresses.      

The software used for skimming was identified as ATMZOW. But the real culprit appears to be the outdated Magento software, which is infamous for being an easy and very common target for hackers. The name of the targeted site has not been made public.  

Magecart style attacks are on the rise with thousands of hosts for these malicious scripts. Researchers identified 39 infected websites from ATMZOW alone, all pointing to a single, well-documented domain and batch of scripts.