RiskIQ researched a short time ago that over 100 shops in the last six months been injected with malicious JavaScript code that exfiltrated payment card information users enter to pay for their shopping.

The Dutch developer William de Groot is looking into this problem for more than a year and the results getting worse.

Hackers installed already more than 6000 skimming scripts in online stores. In a wild-scale that could have compromised hundreds of thousands of credit cards.

The Dutch developer William de Groot found out that some stores running vulnerable versions of the Magento ecommerce platform also stores use Magento Enterprise Edition, which is used only by the largest online stores.

De Groot November 2015 scanning of 255k online stores around the world revealed 3501 compromised shops. The same scan in September 2016 showed 5925 online stores around the world.

And also in a short time only 48 hours another 170 new shops were fitted with skimming software.

But the most online merchants are not particular worried about that problem.

And the Victims a very from pop stars to car makers

The hackers are uploaded scripts and then their capture and ship credit cards from online shops to Russia-based command and control servers.  The stolen information is send to the collected servers most of this servers are based in Russia but that doesn’t mean that all the criminal compromises are Russian.

An unknown number of credit cards were stolen from supporter buying merchandise and offering donations through its online store it was the US National Republican Committee is the highest profile scalp the campaign.

The company didn’t answer on the question if the Register on remedial actions it had taken nor whether it could guarantee customer credit cards were safe.

De Groot have the guess that 21,000 credit cards had been skimmed.

De Groot says he think that he expects the number of stolen cards in the hundreds of thousands.

In Australia and New Zealand, some 267 businesses including NickScali and Barbeques Galore have been allegedly breached, along with local sites of Converse and luggage company American Tourister.

The US Franklin Institute and National History Museum appear on the breach list, along with scores of smaller stores from the UK and elsewhere around the world.

De Groot says the current wave of attacks have become stealthier in what may indicate new attackers have begun targeting shops.

The developer has warned some of the growing list of affected shops, but many remain actively breached with credit cards shipping off to attackers' servers.

Since April last year stores appear to be targeted through at least one since-patched bug reported and it affecting 88,000 stores. And the critical remote code execution vector granted the ability to write 100 percent discount coupons and access to credit cards.

De Groot has uploaded some malware samples for analysis when he has found some nine variations of the malicious scripts.

Some employ multiple levels of obfuscation, making analysis difficult, and mark their code as UPS delivery data in a bid to disguise the attacks from admins.


  • Yuzet Anywhere logo
  • Xperia Gamer logo
  • Weed Fabric Direct Logo
  • Trade-Mart.co.uk Logo
  • Sovereign Preservations Logo
  • Shade Cloth World Logo
  • SBR Logo
  • Retro Empire .UK
  • Reem Sports Logo
  • Realmpark Healthcare Logo
  • Prowse Logo
  • Picturehouse Entertainment Logo
  • Netvector Consulting Logo
  • Kids for Kids Logo
  • Home Ice Rink Logo
  • Gloabl Pharma Consulting Logo
  • Fabricius Green Logo
  • Eyeline Entertainment Logo
  • Digital Media Rentals Logo
  • Bullsigns Logo
  • Besport Europe Logo
  • Artisan Design & Build
  • All Advance Logo
  • 2020 Films Logo


Call us on 01382 770599 to discuss your project


Get in touch and we can sort out your troubles


We are ready when you are and raring to go!