Malwarebytes announced in a Tuesday analysis that two malware domains of the newly found Magecart skimming marketing campaign, “scanalytic[.]org” and “js.staticounter[.]internet” , are a part of a broader infrastructure used to hold out intrusions.
The earliest proof of the marketing campaign’s exercise, primarily based on the extra domains uncovered, suggests it dates again to at the very least Could 2020.
Jérôme Segura, director of Menace Intelligence at Crunchbase mentioned: “We had been capable of join these two domains with a earlier marketing campaign from November 2021 which was the primary occasion to our information of a skimmer checking for the usage of digital machines.”
It’s unclear if Magecart is a company with course or just unconnected teams who use the identical technique of assault.
In 2015 the assaults gained notoriety for singling out the Magneto commerce platform. Since then the syndicate has expanded to a notable WordPress plugin named WooCommerce.
“Attackers comply with the cash, so it was solely a matter of time earlier than they shifted their focus towards the most well-liked e-commerce platform on the net,” Sucuri’s Ben Martin famous.