{
  "name": "Hundreds of online stores hacked in new campaign",
  "slug": "hundreds-of-online-stores-hacked-in-new-campaign",
  "description": "A cybersecurity report details a malware campaign targeting numerous e-commerce websites running the popular Magento platform. Threat actors exploited a vulnerability to inject malicious code that skims payment data from online shoppers during checkout. The skimmer code is loaded from attacker-controlled domains, enabling criminals to harvest credit card numbers, expiration dates, and CVVs in real-time. Over a thousand unique theft attempts were detected, affecting hundreds of compromised stores. Retailers and shoppers should remain vigilant and use reputable security solutions to mitigate such threats.",
  "published": "2024-08-23T07:06:58+00:00",
  "created_at": "2024-08-23T07:06:58+00:00",
  "modified_at": "2024-08-23T07:30:58+00:00",
  "created_at_opencti": "2024-08-23T07:06:58+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2024-08-23",
    "e-commerce",
    "fraud",
    "injection",
    "magento",
    "payment",
    "skimming"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "vodog.shop"
      },
      {
        "id": "",
        "name": "statmaster.shop"
      },
      {
        "id": "",
        "name": "statlstic.shop"
      },
      {
        "id": "",
        "name": "statistall.com"
      },
      {
        "id": "",
        "name": "salesguru.online"
      },
      {
        "id": "",
        "name": "pixelsmith.shop"
      },
      {
        "id": "",
        "name": "luckipath.shop"
      },
      {
        "id": "",
        "name": "happywave.shop"
      },
      {
        "id": "",
        "name": "deslgnpro.shop"
      },
      {
        "id": "",
        "name": "datawiz.shop"
      },
      {
        "id": "",
        "name": "codemingle.shop"
      },
      {
        "id": "",
        "name": "codcraft.shop"
      },
      {
        "id": "",
        "name": "artvislon.shop"
      },
      {
        "id": "",
        "name": "analytlx.shop"
      },
      {
        "id": "",
        "name": "trendset.website"
      }
    ],
    "attack_patterns": [
      {
        "id": "a45aa6e5-a2ef-4b94-a9a7-5fcd4ef10299",
        "name": "T1059.008"
      },
      {
        "id": "c10eac8a-a5d7-465a-b557-8a1f7fc6ef99",
        "name": "T1598.003"
      },
      {
        "id": "5c67e5d2-bc85-4ce0-822d-f2f5d3b0ae4e",
        "name": "T1185"
      },
      {
        "id": "32b33067-6566-4b8d-be80-e96f765d84de",
        "name": "T1059.001"
      },
      {
        "id": "9322d33b-00c1-4f99-9f1a-a33d93c0dac2",
        "name": "T1059.007"
      }
    ],
    "others": [
      {
        "id": "",
        "name": "Retail"
      }
    ]
  },
  "external_refs": [
    "https://www.malwarebytes.com/blog/news/2024/08/hundreds-of-online-stores-hacked-in-new-campaign",
    "https://otx.alienvault.com/pulse/66c851335edada0eac344044"
  ]
}