More Than 500 Ecommerce Stores Hit with Malware Attack

The attack from Magecart installed digital card skimmers on hundreds of ecommerce stores to steal information from shoppers.
Conor Cawley

It might be time to change a few passwords and check on a few credit cards, as a new malware attack has infected a lot of ecommerce stores in service of stealing your personal information.

Online shopping has become increasingly popular over the last few years, particularly with the pandemic spurring shoppers to stay home and click their way to a new product. Unfortunately, that's exactly what scammers want to hear, as it allows them more opportunities to take advantage of vulnerable users inputting credit card information into any website they can get their hands on.

Subsequently, you may want to do a quick audit of your financial situation, because a security firm has discovered a large malware attack that is affecting nearly 500 ecommerce stores across the web.

Hackers Attach Credit Card Skimmers to Ecommerce Stores

According to a report from Santech, which is an ecommerce malware and vulnerability detection firm, approximately 500 ecommerce stores were infiltrated by Magecart, the catch-all term for competing cybercrime gangs that target ecommerce stores.

“Last week Sansec detected a mass breach of over 500 stores running the Magento 1 ecommerce platform. All stores were victim of a payment skimmer loaded from the naturalfreshmall.com domain.”

The hackers attached digital credit card skimmers to payment pages across these sites. If you visit one of these ecommerce sites, the malware displays a fake pop-up window disguised as a payment page for a product you're interested in. Once you fill it out with your information, it gets sent right to the hackers, which is not where you want it to be.

How to Avoid Getting Scammed

To be fair, this is a pretty advanced malware attack that is admittedly hard to avoid. In fact, spotting digital card skimmers on a website is nearly impossible for someone that doesn't have the proper training.

Fortunately, Sansec has offered to help potential victims of this malware attack to “run a clean-up and investigation, free of charge.” All you have to do is reach out and they'll help you get yourself back in order.

As for your overall ecommerce experience, there are some ways you can lessen your chances of getting scammed when it comes to shopping online. To start, antivirus software that specifically targets malware is the best way to at least have a first line of defense when it comes to any online threats.

Additionally, if you just want to be a bit safer online, you can always utilize a password manager or a VPN to protect your accounts and hide your online activity from potential nefarious cybercriminals.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Conor is the Senior Writer for Tech.co. For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He's written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He's also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word "colloquially" correctly. You can email Conor at conor@tech.co.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals