By 
In a string of operations recently, security specialists at Aite Group and Arxan Technologies have revealed that online stores continue to be targeted by Magecart hackers in order to pilfer credit card data, affecting 80 more eCommerce sites.
All of these sites were running an obsolete version of Magento which is susceptible to formjacking and digital card scanning.
According to the analysis published by experts, “New research conducted by advisory firm Aite Group revealed that 100% of the eCommerce websites examined were not protected — making them easy prey for Magecart attacks. Even more startling is the fact that it took only 2.5 hours of research to uncover the 80 compromised sites.”
Security companies have watched the activities of a number of Magecart groups at least since 2015. The groups tend to implant scanning script into compromised online stores in order to snip payment card data, but they are quite different from each other.
A joint report published by RiskIQ and FlashPoint reveals that some groups are more progressive than others; particularly, the group tracked as Group 4 seems to be very sophisticated.
Experts say that not a single group of Megacart hackers hacked the 80 eCommerce sites.
The researchers used a source code search engine to search for obscured JavaScript online that matched with malevolent designs previously related to credit card skimmers used by Magecart.
“To conduct this research, Aite Group used a source code search engine that scoured the web for obfuscated JavaScript that was found in repeating patterns of previously published Magecart breaches on pastebin.com.” reads the report published by the experts.
“What was uncovered in this research is e-commerce websites’ systemic lack of in-app protection to secure their web forms and the failure of endpoint security solutions on the client side to protect consumers against this pervasive threat.”
