Indonesian Police and Interpol recently arrested three men who belong to Magecart hacking group for involvement in Magecart attacks. The police officials stated that it’s the first arrest of Magecart gang members.
The suspects, identified by initials ANF (27 years), K (35 years), and N (23 years), were accused of injecting JavaScript sniffers into websites to capture information entered by the site visitors. It’s said that the suspects allegedly used the stolen payment card data to purchase electronic and luxury goods.
“The three of them have carried out their actions since 2017 until now, and each has similar hacking abilities. The arrest of the hacking suspects began with the collaboration of Subdit II Dittipidsiber Bareskrim Police, Interpol, ASEAN Desk and IB-Group in the Night Fury Operation activities, which are joint operations with several communities both nationally and internationally in order to combat Malware used by hackers,” the officials said in a media statement.
Macy’s Magecart Attack
In October 2019, Macy’s, an American department store chain, stated that its customers have been hit by an attack that affected countless numbers of credit cards. The retailer stated that unknown intruders planted a card-stealing malware script on its payment site and collected customer details.
According to an official statement, the attackers installed a Magecart script on the checkout page of its website and siphoned off customers’ payment card details between October 7 and October 15, this year.
The compromised data included customers’ names, addresses, phone numbers, credit card numbers, card verification codes, and expiration dates.
What is Magecart Attack?
Magecart attack, also known as web skimming or e-skimming, is a form of cybercrime where attackers plant malicious JavaScript code on online stores.
In a Magecart attack, hackers gain access to a company’s online store website by compromising and hiding malicious code in it. The malicious code then collects the payment card information from users while making purchases on the infected site. It’s said that hackers either sell the stolen card data on the darknet or uses it to make fraudulent purchases.