Researchers from RiskIQ have discovered a new Magecart skimmer that took over numerous websites in a recent campaign. Dubbed MakeFrame, this skimmer compromised 19 different websites to steal customers’ card data. Elaborating on their findings in a post, researchers stated that the new skimmer seemingly belonged to the Magecart Group 7. A more in-depth analysis of the skimmer revealed that it exhibited sophisticated obfuscation techniques to avoid detection. As stated, The researchers could detect numerous versions of this skimmer. Some of these sported high-level obfuscation, whereas some had clear codes. Analyzing all of these let the researchers related all the skimmers o different websites. Besides, the attackers behind this skimmer did not only aim at stealing data. Instead, they also intended to achieve more targets from the victim sites. Detailed technical analysis of the skimmers is available in the researcher’s post. The researchers shared that they observed a 20% rise in Magecart attacks in the present days. Though, Magecart skimming attacks are nothing new. In the present-day scenario, when people are obliged to shop online, such attacks pose a higher level of threat, risking more users. Yes, we have witnessed in the past how the attackers never miss exploiting global disasters to gain benefits. For instance, the skimming attack on an Australia bushfire donation site a couple of months ago.
