informa
Quick Hits

Website Collecting Australian Fire Donations Hit by Magecart

The attack may have compromised donors' payment information.

A website gathering donations for the victims of the wildfires in Australia has been hit by a credential-skimming attack, placing the payment information of donors at risk. The attack, identified as the work of Magecart, injected the ATMZOW skimmer into the charity's website code, grabbed payment information, and forwarded it to a third-party destination with an obfuscated web address.

According to the research team at MalwareBytes, which discovered the compromise, the destination server has now been taken offline, though the skimmer code is still present on the site. A researcher from Bad Packets Report noted that the same skimmer code is currently in place on 39 additional websites.

For more, read here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "6 Unique InfoSec Metrics CISOs Should Track in 2020."

Recommended Reading:
Editors' Choice
Steve Zurier, Contributing Writer
Orion Cassetto, Senior Director of Product Marketing at Cycode
Jon Hencinski, Director of Threat Detection & Response, Expel.io