Magecart skimming malware found on Forbes magazine subscription website. Troy Mursch, co-founder of Bad Packets found this malware there.
— Bad Packets (@bad_packets) May 15, 2019
How Magecart Malware Works
Read More: Game of Thrones S8 Links Down
Forbes spokesperson told El Reg that the investigation is still ongoing and till there is no evidence that any of the user’s card information was stolen.
They also advised recent subscribers to be aware and check their account transactions for any fraudulent activities.
According to reports, there are possibilities the Forbes could be the Victim of the recent supply chain attack.
Earlier this week security researcher Willem de Groot reported that hackers compromised Open source Alpaca Forms and analytics service Picreel and infected over 4,600 websites with malicious code.
Forbes is one of the customers of Picreel and more than 1200 records of Picreel customers was leaked online. Hackers may have used leaked data to inject skimmer to script to Forbes website.
Forbes is the latest victim Magecart campaign, earlier several major companies such as British Airways, Ticketmaster, Feedify, Newegg, MyPillow and Amerisleep were hit with Magecart infection.