Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites
We discovered a series of incidents where the credit card skimming attack Magecart was used to hit the booking websites of chain-brand hotels — the second time we’ve seen a Magecart threat actor directly hit ecommerce service providers instead of going for individual stores or third-party supply chains. With special thanks to our colleagues at abuse.ch and The Shadowserver Foundation for helping to take down the Magecart domain.