Apparently, discovering code on a website does not mean the admins will clean their online shop. Researchers Jacod Pimental and Max Kersten tracked down Russian actors who were using JavaScript code to steal credit card and payment data from nine e-commerce platforms. Upon this discovery, which took place weeks ago, the researchers notified the website owners who responded with characteristic apathy. Thus, the websites remained infected with card skimmers for a long time, and some still remain infected. Here’s a list with the current status:
That said, if you bought something from the above websites recently, you might have had your payment data stolen by Russian hackers. To mitigate the risks of being burdened by fraudulent transactions, you should monitor your bank account and credit card activity, and report anything suspicious to your card issuer immediately. If you do that in time, the bank will reverse the transactions, and you won’t have to cover the associated expenses. For those who can’t afford to take any risks, there’s always the option of freezing your account.
The skimmer was hosted on “toplevelstatic.com,” and the script is the same one that was recently used by “MageCart Group 12,” one of the most active and prolific actors in the field. The e-commerce platform administrators should have acted more responsibly, keeping their website code clean and up to date. Still, instead, they have failed to address the problem even after researchers pointed it to them. Magecart skimmers are on the rise, so if you don’t trust websites, you may at least use a trusty internet security suite that would detect these malicious snippets while you browse the net. Other than that, choose electronic payment methods instead of paying with your card. You can also shop from bigger and more reputable stores, as they pay greater attention to their security.