Severity
Medium
Analysis Summary
Two Magecart-related breaches have been observed involving credit card fraud. One of these has been resolved but was never disclosed while the other is still in process.
In both cases, the potential victims of credit card fraud, the consumers, have not been informed.
Impact
Credit card fraud
Indicators of Compromise
| IP(s) / Hostname(s) | secure[.]livechatinc[.]org www[.]cdnmage[.]com www[.]js-cloud[.]com www[.]magescripts[.]pw |
| URLs | cdnassels[.]com cdnmage[.]com cmytuok[.]top configsysrc[.]info hxxp[:]//magescripts[.]pw/ext-payment[.]js hxxps[:]//mypiltow[.]com/js/mage/bundle[.]js hxxps[:]//secure[.]livechatinc[.]org/license/9655505/v2/get_dynamic_config[.]js js-cloud[.]com magejavascripts[.]com magescripts[.]pw magesecuritys[.]com mcloudjs[.]com mypiltow[.]com |
Remediation
Block the threat indicators at their respective controls..