home.social

#magecart — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #magecart, aggregated by home.social.

  1. On January 13th 2026, SilentPush released an article about a #MageCart campaign.
    Curious, I submitted a @ThinkstCanary CreditCard Token. 4 days ago, it triggered for the first time. Dwelltime: 4 months!
    Carddata Testing done via @amazon prime and a US based charity.
    #magecart #ccfraud #webskimming

  2. On January 13th 2026, SilentPush released an article about a #MageCart campaign.
    Curious, I submitted a @ThinkstCanary CreditCard Token. 4 days ago, it triggered for the first time. Dwelltime: 4 months!
    Carddata Testing done via @amazon prime and a US based charity.
    #magecart #ccfraud #webskimming

  3. On January 13th 2026, SilentPush released an article about a #MageCart campaign.
    Curious, I submitted a @ThinkstCanary CreditCard Token. 4 days ago, it triggered for the first time. Dwelltime: 4 months!
    Carddata Testing done via @amazon prime and a US based charity.
    #magecart #ccfraud #webskimming

  4. On January 13th 2026, SilentPush released an article about a #MageCart campaign.
    Curious, I submitted a @ThinkstCanary CreditCard Token. 4 days ago, it triggered for the first time. Dwelltime: 4 months!
    Carddata Testing done via @amazon prime and a US based charity.
    #magecart #ccfraud #webskimming

  5. On January 13th 2026, SilentPush released an article about a #MageCart campaign.
    Curious, I submitted a @ThinkstCanary CreditCard Token. 4 days ago, it triggered for the first time. Dwelltime: 4 months!
    Carddata Testing done via @amazon prime and a US based charity.
    #magecart #ccfraud #webskimming

  6. Magecart Linked ATMZOW Campaign Abuses Google Tag Manager to Inject Credit Card Skimmers

    Pulse ID: 6a09560f9a24f9d67148499f
    Pulse Link: otx.alienvault.com/pulse/6a095
    Pulse Author: cryptocti
    Created: 2026-05-17 05:45:51

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #ATMZOW #CreditCard #CyberSecurity #Google #GoogleTagManager #InfoSec #Magecart #OTX #OpenThreatExchange #bot #cryptocti

  7. Silent Push Uncovers New Magecart Network: Disrupting Online Shoppers Worldwide
    #Magecart
    silentpush.com/blog/magecart/

  8. Silent Push Uncovers New Magecart Network: Disrupting Online Shoppers Worldwide
    #Magecart
    silentpush.com/blog/magecart/

  9. Silent Push Uncovers New Magecart Network: Disrupting Online Shoppers Worldwide
    #Magecart
    silentpush.com/blog/magecart/

  10. Silent Push Uncovers New Magecart Network: Disrupting Online Shoppers Worldwide
    #Magecart
    silentpush.com/blog/magecart/

  11. Silent Push Uncovers New Magecart Network: Disrupting Online Shoppers Worldwide
    #Magecart
    silentpush.com/blog/magecart/

  12. Watch out as a new report reveals a widespread Magecart skimmer campaign targeting users of all major credit cards at online checkout.

    Read more: hackread.com/magecart-targets-

  13. Watch out as a new report reveals a widespread Magecart skimmer campaign targeting users of all major credit cards at online checkout.

    Read more: hackread.com/magecart-targets-

    #Magecart #CyberSecurity #OnlineShopping #InfoSec

  14. Watch out as a new report reveals a widespread Magecart skimmer campaign targeting users of all major credit cards at online checkout.

    Read more: hackread.com/magecart-targets-

    #Magecart #CyberSecurity #OnlineShopping #InfoSec

  15. Watch out as a new report reveals a widespread Magecart skimmer campaign targeting users of all major credit cards at online checkout.

    Read more: hackread.com/magecart-targets-

    #Magecart #CyberSecurity #OnlineShopping #InfoSec

  16. Watch out as a new report reveals a widespread Magecart skimmer campaign targeting users of all major credit cards at online checkout.

    Read more: hackread.com/magecart-targets-

    #Magecart #CyberSecurity #OnlineShopping #InfoSec

  17. 🎯 Threat Intelligence
    ===================

    Executive summary: Team Cymru analyzed carding infrastructure active between July and December 2025 and identified 28 unique IP addresses and 85 domains hosting carding markets or forums. These hosts primarily served login pages or forum landing pages, and many sat in offshore ASNs. Common top-level domains included .su, .cc and .ru.

    Methodology:
    • Internet-wide port scanning of ports 80 and 443 combined with passive DNS collection.
    • Regular Expression (Regex) searches across HTTP and HTTPS title banners for keywords such as CVV, Dumps, Carding, and Shop.
    • Indexing of X509 certificate Subject Common Names to cluster related infrastructure.
    • NetFlow telemetry used to link IP addresses into related infrastructure groups prior to obfuscation.

    Key findings:
    • Counts: 28 unique IPs and 85 domains identified as hosting carding market/forum entry points.
    • Hosting: Multiple ASNs were offshore infrastructure providers, suggesting use of resilient hosting to evade takedowns.
    • TLD usage: Predominant use of .su, .cc, and .ru as registration choices.
    • Operational role: The identified IPs predominantly served authentication or landing functions (login/forum landing pages), making them high-value targets for evidence collection.

    Technical analysis:
    • Clustering via X509 Subject CN reuse allowed attribution of different domains to shared operational infrastructure.
    • Title-banner Regex scanning provided high-fidelity indicators by catching explicit market/forum labeling in HTTP/S responses.
    • NetFlow correlation supplied behavioral linkage between IPs and broader infrastructure, useful for subpoena or takedown evidence.

    Detection and operational utility:
    • Internet-wide telemetry enabled identification of origin servers before they were proxied or hidden behind anonymization layers.
    • A Scout query was shared with Team Cymru customers for ongoing tracking of the uncovered infrastructure.

    Limitations and caveats:
    • No specific IoCs (hashes/C2 endpoints) were published in the summary beyond counts and TLDs.
    • Attribution beyond infrastructure linking was not provided in the report excerpt.

    🔹 carding #passiveDNS #netflow #magecart #threatintel

    🔗 Source: team-cymru.com/post/analysing-

  18. 🧩 3️⃣ Masivo robo de datos de pago de clientes de páginas web con malware Magecart.

    Cibercriminales han estado utilizando el malware Magecart para insertar código malicioso en tiendas online legítimas, de modo que captura datos de tarjetas de crédito y débito justo cuando los clientes compran.

    Este código invisible roba números de tarjeta, fechas de vencimiento y códigos CVV, comprometiendo la seguridad de miles de personas sin que lo noten al comprar.

    🔒 ¿Tus compras en línea son realmente privadas… o alguien más está leyendo lo que escribes?

    #Privacidad #Ciberseguridad #Magecart #PagosOnline

    blog.elhacker.net/2025/12/masi

  19. 🧩 3️⃣ Masivo robo de datos de pago de clientes de páginas web con malware Magecart.

    Cibercriminales han estado utilizando el malware Magecart para insertar código malicioso en tiendas online legítimas, de modo que captura datos de tarjetas de crédito y débito justo cuando los clientes compran.

    Este código invisible roba números de tarjeta, fechas de vencimiento y códigos CVV, comprometiendo la seguridad de miles de personas sin que lo noten al comprar.

    🔒 ¿Tus compras en línea son realmente privadas… o alguien más está leyendo lo que escribes?

    #Privacidad #Ciberseguridad #Magecart #PagosOnline

    blog.elhacker.net/2025/12/masi

  20. 🧩 3️⃣ Masivo robo de datos de pago de clientes de páginas web con malware Magecart.

    Cibercriminales han estado utilizando el malware Magecart para insertar código malicioso en tiendas online legítimas, de modo que captura datos de tarjetas de crédito y débito justo cuando los clientes compran.

    Este código invisible roba números de tarjeta, fechas de vencimiento y códigos CVV, comprometiendo la seguridad de miles de personas sin que lo noten al comprar.

    🔒 ¿Tus compras en línea son realmente privadas… o alguien más está leyendo lo que escribes?

    #Privacidad #Ciberseguridad #Magecart #PagosOnline

    blog.elhacker.net/2025/12/masi