Magecart skimming malware found on Forbes magazine subscription website. Troy Mursch, co-founder of Bad Packets found this malware there.
https://twitter.com/bad_packets/status/1128517905765683201
How Magecart Malware Works
In this attacks, attackers inject a malicious javascript code into checkout page of the website and collect all the data entered by the user and to a remote server handled by the attack.
Read More: Game of Thrones S8 Links Down
Attackers injected an obfuscated JavaScript into the HTML code of the payment section. The deobfuscated Magecart script can be found here.
Forbes spokesperson told El Reg that the investigation is still ongoing and till there is no evidence that any of the user’s card information was stolen.
They also advised recent subscribers to be aware and check their account transactions for any fraudulent activities.
According to reports, there are possibilities the Forbes could be the Victim of the recent supply chain attack.
Earlier this week security researcher Willem de Groot reported that hackers compromised Open source Alpaca Forms and analytics service Picreel and infected over 4,600 websites with malicious code.
Forbes is one of the customers of Picreel and more than 1200 records of Picreel customers was leaked online. Hackers may have used leaked data to inject skimmer to script to Forbes website.
Forbes is the latest victim Magecart campaign, earlier several major companies such as British Airways, Ticketmaster, Feedify, Newegg, MyPillow and Amerisleep were hit with Magecart infection.