Scores of New Zealand online retail sites have been hacked and are infected by credit card skimming software that can steal customers’ payment information, a security researcher has found. The stores run vulnerable, unpatched versions of the Magento shopping cart software. Unknown criminals are using security holes in the vulnerable systems and inject malicious code written in Javascript, according to Willem de Groot, who runs a Magento hosting company in the Netherlands. As unsuspecting customers go to pay for their goods and services, the malware silently copies their credit card details and sends them to a server believed to be in Russia, hosted on a provider known to harbour cyber criminals.
View full story
ORIGINAL SOURCE: NZ Herald
