Australian Bushfire Donation Site Hit by Data Stealing Malware

Australian Bushfire Donation Site Hit by Data Stealing Malware Featured Image
Bojan Jovanovic Image

January 15,2020

DataProt is supported by its audience. When you buy through links on our site, we may earn a commission. This, however, does not influence the evaluations in our reviews. Learn More.
A website set up to collect donations for victims of Australia’s bushfires has fallen victim to a credit card skimming attack. 

Researchers at Malwarebytes reported in a Twitter post that Magecart groups infected the site by implanting a card-skimming script on the checkout page of the website to steal the payment information of the donors. 

The stolen information included the names and numbers on the cards, expiry dates, CVV codes and home addresses.      

The software used for skimming was identified as ATMZOW. But the real culprit appears to be the outdated Magento software, which is infamous for being an easy and very common target for hackers. The name of the targeted site has not been made public.  

Magecart style attacks are on the rise with thousands of hosts for these malicious scripts. Researchers identified 39 infected websites from ATMZOW alone, all pointing to a single, well-documented domain and batch of scripts. 

There are no comments yet
Leave your comment

Your email address will not be published.*