silversurfer

Level 52
Verified
Trusted
Content Creator
Malware Hunter
A curious case of web-based card skimming activity revealed that the Poker Tracker website had been compromised and loaded a Magecart script - code that steals payment information from customers.

Online poker enthusiasts use the Poker Tracker software suite to improve their winning chances by making decisions based on statistics compiled from the opponents' gameplay.

A report on August 8 indicated that Malwarebytes anti-malware blocked Poker Tracker from connecting to a domain known to host credit card skimmers - scripts that copy payment card details on checkout pages and delivers them to the attacker.
Read more below:
 

upnorth

Level 33
Verified
Trusted
Content Creator
The compromise was possible because PokerTracker.com was running Drupal 6.3.x, an outdated version that has security vulnerabilities.
Free CMS platforms, Wordpress etc is something one should always be careful around. Especially when it comes to commerce.