Sponsored By

Website Collecting Australian Fire Donations Hit by Magecart

The attack may have compromised donors' payment information.

Dark Reading Staff

January 14, 2020

1 Min Read

A website gathering donations for the victims of the wildfires in Australia has been hit by a credential-skimming attack, placing the payment information of donors at risk. The attack, identified as the work of Magecart, injected the ATMZOW skimmer into the charity's website code, grabbed payment information, and forwarded it to a third-party destination with an obfuscated web address.

According to the research team at MalwareBytes, which discovered the compromise, the destination server has now been taken offline, though the skimmer code is still present on the site. A researcher from Bad Packets Report noted that the same skimmer code is currently in place on 39 additional websites.

For more, read here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "6 Unique InfoSec Metrics CISOs Should Track in 2020."

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights