Magecart steals credit card info from online purchases. Magecart Impacts Hundreds of Thousands of Websites, Still Growing.
In a report released today, RiskIQ notes that the first Magecart threat they observed was on August 8, 2010. The phenomenon did not take off until last year, though, when British Airways, Ticketmaster, OXO, and Newegg were hit.
Since then, multiple attackers emerged creating dozens of card info skimming scripts and infecting thousands of websites. In one automated attack alone, over 960 stores were compromised.
If they can’t breach the site directly, they might be able to breach a 3rd-party.
Getting the code on the checkout page is possible by breaching the website directly or by compromising a web resource from a third party that is loaded on the page, such as an analytics script or a customer support widget.
Incorrectly configured Amazon Web Services accounts for a lot of that.