The Ticketmaster breach was not a one-off, but part of a massive digital credit card-skimming campaign.
Threat intel firm RiskIQ reckons the hacking group Magecart hit Ticketmaster only as part of a massive credit card card hacking campaign affecting more than 800 ecommerce sites.
Magecart has evolved tactically from hacking sites directly, to targeting widely used third-party software components. According to RiskIQ researchers, Magecart likely breached the systems of two third-party suppliers integrated with Ticketmaster websites – Inbenta and SociaPlus – and added to or replaced custom JavaScript modules with their digital credit card skimmer code.
Malicious scripts injected into ecommerce websites can record the credit card data that customers enter into online payment forms before uploading the data to a server controlled by crooks.
Read more…
Source: The Register.