Malwarebytes detected a credit card skimmer belonging to a potent Magecart attack threat actor on Segway's online store embedded within a favicon.ico image file.
Researchers recorded the largest Magecart attack that compromised over 2,000 Magento stores and exposed the private and financial details of over 10,000 customers.
Hackers accessed personal, and credit card information of Warner Music Group customers through a three-month-long MageCart attack, a legal filing in California disclosed.
North Korean hackers are focusing heavily on Magecart attacks by planting malicious code in online shopping carts of individual stores and payment processors.
Volusion was the latest target for Magecart attacks with 6,500 online stores being compromised. Hackers altered Javascript code on the platform to skim off credit card numbers and payment information.
Recent research shows a sharp increase in Magecart attacks with a peak experienced in July when 962 sites were hit in one day and 17,000 domains infected through misconfigured Amazon S3 buckets.