Wednesday September 12, 2018

Credit Card Stealiing Magecart Malware Infects Feedify Service

Security researchers Placebo and Kevin Beaumont have discovered a Magecart malware infection in the Feedify JavaScript library used by thousands of eCommerce websites. Feedify is customer engagement tool that boasts of reaching 1 billion devices worldwide and the Magecart malware steals credit cards. According to Bleeping Computer, another security researcher, RiskIQ's own Yonathan Klijnsma verified that the Feedify stream is still infected. RiskIQ alleges that the Magecart group is responsible for the Ticketmaster and British Airways hacks.

News Image

In order to use the Feedify service, e-commerce sites need to add a Feedify JavaScript script to their site. If the Feedify script is compromised with MageCart, any visitors who go to e-commerce site that uses the Feedify script will also load the malicious code.