Furthering the list of MageCart victims, now emerges a European skincare brand. It turns out that multiple Perricone websites suffered MageCart attacks with at least one becoming a victim of the breach.
Reportedly, the European skincare brand Perricone has become the latest victim of card-data theft. According to the researchers, the UK, Italy and German websites of Perricone brand suffered separate MageCart attacks over the year.
While the attacks took place on all three websites, evidence revealed that the MageCart successfully stole data from only one site. In fact, since there were two different MageCart groups behind the attacks, it seems only one of them actually succeeded.
Elaborating their findings in a blog post, Sam Jenkins of RapidSpike revealed that the first attack happened in November 2018. However, owing to a mistake in the code, the skimmer failed to load from the malicious MageCart domain (js-react.com).
Whereas, in November 2019, a second hacking attack targeted Perricone websites, this time being successful. In this attack, they not only registered a similar malicious domain (perriconemd.me.uk) but also limited the skimmer to load on the check-out page only.
However, scratching the surface let the researchers find out numerous other domains registered on the same server that was found involved in Perricone attacks.
RapidSpike observed that the attacks might have taken place by exploiting vulnerabilities in the Magento platform backing the Perricone websites.