Websites Infected with Card-Skimming JavaScript Fail to Respond to Warnings

  • Researchers found skimmers on nine websites, and four of them still have the snippet running.
  • The actor behind this new scheme seems to be “MageCart Group 12,” coming from Russian infrastructure.
  • If you have shopped from the nine platforms recently, you should start monitoring your bank account closely.

Apparently, discovering code on a website does not mean the admins will clean their online shop. Researchers Jacod Pimental and Max Kersten tracked down Russian actors who were using JavaScript code to steal credit card and payment data from nine e-commerce platforms. Upon this discovery, which took place weeks ago, the researchers notified the website owners who responded with characteristic apathy. Thus, the websites remained infected with card skimmers for a long time, and some still remain infected. Here’s a list with the current status:

  1. “Suplementos Gym” - notified on January 31 and again on February 7, skimmer eventually removed;
  2. “Bahimi Swimwear” - infected in November 2019, skimmer removed on February 7;
  3. “TitansSports” - notified in early January and removed the skimmer;
  4. “BVC” - infected on February 3, skimmer still present;
  5. “MyMetroGear” - notified on February 4, skimmer still present;
  6. “True Precision” - notified on February 4, skimmer still present;
  7. “Fashion Windows Treatments” - notified on February 6, skimmer still present;
  8. “Skin Trends” - notified on February 6, skimmer removed;
  9. “Natonic” - responded immediately and removed the skimmer;

That said, if you bought something from the above websites recently, you might have had your payment data stolen by Russian hackers. To mitigate the risks of being burdened by fraudulent transactions, you should monitor your bank account and credit card activity, and report anything suspicious to your card issuer immediately. If you do that in time, the bank will reverse the transactions, and you won’t have to cover the associated expenses. For those who can’t afford to take any risks, there’s always the option of freezing your account.

The skimmer was hosted on “,” and the script is the same one that was recently used by “MageCart Group 12,” one of the most active and prolific actors in the field. The e-commerce platform administrators should have acted more responsibly, keeping their website code clean and up to date. Still, instead, they have failed to address the problem even after researchers pointed it to them. Magecart skimmers are on the rise, so if you don’t trust websites, you may at least use a trusty internet security suite that would detect these malicious snippets while you browse the net. Other than that, choose electronic payment methods instead of paying with your card. You can also shop from bigger and more reputable stores, as they pay greater attention to their security.



How to Watch Two Shallow Graves: The McStay Family Murders Online From Anywhere

If you enjoy crime documentaries, we have a recommendation for you as Investigation Discovery has just released a brand-new limited docu-series. It...

How to Watch Beat Shazam Season 5 Online From Anywhere

The game show that will have you on your feet is set to launch a new season pretty soon, and we have...

How to Watch Don’t Forget the Lyrics! Online From Anywhere 

It's summer, so game shows are on! The newest addition to the list comes from Fox, and it's a revival of a...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari