Magecart Targets Emergency Services-related Sites via Insecure S3 Buckets

From thehackernews.com

Magecart hackers

Hacking groups are continuing to leverage misconfigured AWS S3 data storage buckets to insert malicious code into websites in an attempt to swipe credit card information and carry out malvertising campaigns.

In a new report shared with The Hacker News, cybersecurity firm RiskIQ said it identified three compromised websites belonging to Endeavor Business Media last month that are still hosting JavaScript skimming code — a classic tactic embraced by Magecart, a consortium of different hacker groups who target online shopping cart systems.

Read more…