Websites Infected with Card-Skimming JavaScript Fail to Respond to Warnings

Last updated July 6, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer

Apparently, discovering code on a website does not mean the admins will clean their online shop. Researchers Jacod Pimental and Max Kersten tracked down Russian actors who were using JavaScript code to steal credit card and payment data from nine e-commerce platforms. Upon this discovery, which took place weeks ago, the researchers notified the website owners who responded with characteristic apathy. Thus, the websites remained infected with card skimmers for a long time, and some still remain infected. Here’s a list with the current status:

  1. “Suplementos Gym” - notified on January 31 and again on February 7, skimmer eventually removed;
  2. “Bahimi Swimwear” - infected in November 2019, skimmer removed on February 7;
  3. “TitansSports” - notified in early January and removed the skimmer;
  4. “BVC” - infected on February 3, skimmer still present;
  5. “MyMetroGear” - notified on February 4, skimmer still present;
  6. “True Precision” - notified on February 4, skimmer still present;
  7. “Fashion Windows Treatments” - notified on February 6, skimmer still present;
  8. “Skin Trends” - notified on February 6, skimmer removed;
  9. “Natonic” - responded immediately and removed the skimmer;

That said, if you bought something from the above websites recently, you might have had your payment data stolen by Russian hackers. To mitigate the risks of being burdened by fraudulent transactions, you should monitor your bank account and credit card activity, and report anything suspicious to your card issuer immediately. If you do that in time, the bank will reverse the transactions, and you won’t have to cover the associated expenses. For those who can’t afford to take any risks, there’s always the option of freezing your account.

The skimmer was hosted on “toplevelstatic.com,” and the script is the same one that was recently used by “MageCart Group 12,” one of the most active and prolific actors in the field. The e-commerce platform administrators should have acted more responsibly, keeping their website code clean and up to date. Still, instead, they have failed to address the problem even after researchers pointed it to them. Magecart skimmers are on the rise, so if you don’t trust websites, you may at least use a trusty internet security suite that would detect these malicious snippets while you browse the net. Other than that, choose electronic payment methods instead of paying with your card. You can also shop from bigger and more reputable stores, as they pay greater attention to their security.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: