Security News

Magecart Strikes Again ... This Time Forbes Magazine

The Forbes magazine subscription website has been attacked by the credit-card-skimming malware, Magecart.

Hackers installed malicious JavaScript on forbesmagazine.com, targeting credit cards of new users signing up for the paper edition. The script allowed details, such as card numbers and expiration dates, as well as CVV/CVC verification codes and customers' details - names, addresses, phone numbers and email addresses - to be sent to another web server used by the hackers.

Despite the attack, a Forbes spokesperson told The Register, "it doesn’t appear the crooks got anyone's credit card information, though an investigation is ongoing."

The Forbes attack may have occurred because of its association with Picreel, a web marketing software supplier. The records of Picreel customers, of which Forbes is one, were obtained by hackers, who were then able to install Magecart on forbesmagazine.com.

Magecart isn't new. It's been around since 2015 and has caused many disruptions for online traders. Among them, British banks were forced to replace 40,000 cards after Ticketmaster was attacked by Magecart, personal and payment information of around 380,000 British Airways customers were stolen, and the online shop of the Atlanta Hawks NBA basketball team was infiltrated.

RiskIQ's Yonathan Klijnsma, quoted in Bleeping Computer, said: "For every Magecart attack that makes headlines, we detect thousands more that we don’t disclose. Credit card-skimming groups are gaining efficiency, so it takes less time than ever for consumers to see their data stolen, seemingly out of nowhere."

Magecart shows no signs of slowing and nearly 2,500 websites - infected with payment card skimming scripts - were discovered during early April.

Keep track of vulnerabilities in your stack

Receive a free weekly email with a round-up of all vulnerabilities that affect your software as well as relevant security news and articles. See an example email

Earlier: