Ongoing Magecart Campaign Targets Online Ordering at Local Restaurants

  /     /     /  
Publicated : 23/11/2024   Category : security


Ongoing Magecart Campaign Targets Online Ordering at Local Restaurants


More than 311 local eateries have been breached through online ordering platforms MenuDrive, Harbortouch, and InTouchPOS, impacting 50K records — and counting.



A massive Magecart e-skimmer campaign has siphoned off the payment records of hundreds of restaurants by attacking their online payment platforms. Targets include MenuDrive, Harbortouch, and InTouchPOS, according to a new advisory.
So far, researchers at Insikt Group, Recorded Futures threat research division,
Magecart attackers
have posted more than 50,000 stolen order payment records from at least 311 restaurants — and theyre offering them for sale on the underground Web. Researchers warn they expect that number to rise.
The report added that the compromised records include payment card data, as well as billing and contact details.
The three platforms in question are a departure from Magecarts usual target, the Magento e-commerce platform. During the pandemic, many local restaurants rushed to implement online ordering and payment, and they may not be paying attention to patching vulnerabilities or shoring up security in general for their new lines of business.
Cybercriminals often seek the highest payout for the least amount of work, the Tuesday
Magecart campaign
report said. This has led them to target restaurants online ordering platforms; when even a single platform is attacked, dozens or even hundreds of restaurants can have their transactions compromised, which allows cybercriminals to steal vast amounts of customer payment card data disproportionate to the number of systems they actually hack.

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Ongoing Magecart Campaign Targets Online Ordering at Local Restaurants