The Magecart threat group has struck again, this time attacking Shopper Approved – a piece of third-party software that provides rating seals for online stores. The attack consequently put payment data from multiple online stores at risk. It’s only the most recent attack for the notorious threat group which has been behind several large-scale breaches, including those of Ticketmaster and British Airways.
“Similar to the attack against Ticketmaster, this attack did not impact a single store directly,” said RiskIQ researchers in a post about the breach. “Instead, it attempted to skim payment information from multiple online stores at once by compromising a widely used third party.”
Read more about the latest attack by Magecart on Threatpost.