- Nov 3, 2019
- 413
Suspected members of a MageCart group that stole payment card information from customers of hundreds of hacked online stores are now in custody of the Indonesian police.
Named GetBilling by some cybersecurity researchers, the group has been operating since at least 2017 and is responsible for 1% of all MageCart incidents, at a minimum.
MageCart attacks use malicious JavaScript code to collect payment and personal information users enter on the checkout page of a compromised online store. The script is also referred to as JS-sniffer, web skimmer, or e-skimmer.
According to Cyberthreat.id the following dozen shops were infected with the GetBilling web skimmer:
After the three were arrested in Indonesia, Sanguine Security detected the GetBilling script on other websites.
Named GetBilling by some cybersecurity researchers, the group has been operating since at least 2017 and is responsible for 1% of all MageCart incidents, at a minimum.
MageCart attacks use malicious JavaScript code to collect payment and personal information users enter on the checkout page of a compromised online store. The script is also referred to as JS-sniffer, web skimmer, or e-skimmer.
According to Cyberthreat.id the following dozen shops were infected with the GetBilling web skimmer:
- thebigtrophyshop.co.uk
- rebelsafetygear.com
- infinitetee.co.uk
- screenplay.com
- sasy420.com
- adelog.com.au
- getitrepaired.co.uk
- geigerbtc.com
- hygo.co.uk
- jorggray. co.uk
- iweavehair.com
- ap-nutrition.com
After the three were arrested in Indonesia, Sanguine Security detected the GetBilling script on other websites.