Advertising network compromised to deliver credit card stealing code
A Paris-based online advertising company was hacked, and its infrastructure used to deliver malicious JavaScript code to online stores, code that was designed to steal payment card details entered in checkout pages. Last year, one group that RiskIQ tracked as Magecart Group 5, pioneered this tactic and was responsible for hacks at 12 third-party companies, hacks through which Group 5 delivered its malicious card stealing code to thousands of online store. Now, RiskIQ says that a new group, which they’re tracking as Magecart Group 12, appears to have copied Group 5’s modus operandi and has breached Adverline to exploit its infrastructure in a similar fashion. RiskIQ says it’s been working with AbuseCH and the ShadowServer Foundation to take down Group 12’s server infrastructure, which appears to have been set up two months before the Adverline hack, in September 2018.