Ongoing Magecart campaign targets online ordering at local restaurants

A massive Magecart e-skimmer campaign siphoned off payment records from hundreds of restaurants by attacking their online payment platforms. Targets include MenuDrive, Harbortouch and InTouchPOS, according to a new advisory.

So far, researchers from Insikt Group, the threat research division of Recorded Future, Magecart attackers have released more than 50,000 stolen order payment records from at least 311 restaurants — and they’re offering them to the public. selling on the underground web. Researchers warn that they expect that number to rise.

The report adds that the compromised records include payment card data, as well as billing and contact details.

The three platforms in question deviate from Magecart’s usual target, the Magento e-commerce platform. During the pandemic, many local restaurants have been rushing to implement online ordering and payment, and they may not be paying attention to fixing vulnerabilities or strengthening security in general for their new business areas. ‘activity.

“Cybercriminals often seek the highest payment for the least work,” said Tuesday’s Magecart campaign report. “This has led them to target restaurant online ordering platforms; when a single platform is attacked, dozens or even hundreds of restaurants can have their transactions compromised, allowing cybercriminals to steal vast amounts of data. of payment card customers disproportionate to the number of systems they actually hack.”

Keep up to date with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly straight to your inbox.


Gladys T. Hensley