An anonymous reader shares a report: A cyber-criminal operation known as Magecart is believed to have been behind the recent card breach announced last week by British Airways. The operation has been active since 2015 when RisqIQ and ClearSky researchers spotted the malware for the first time. The group’s regular mode of operation involves hacking into online stores and hiding JavaScript code that steals payment card information entered into store checkout pages, information such as credit card numbers, names, addresses, and whatever is collected via payment forms. The group has been very active in the past three years, being blamed for injecting card skimming scripts on thousands of sites, with the most recent trove of compromised sites being discovered two weeks ago. Of all its hacks, the most notorious incident was when the group compromised a third-party chat provider and used its infrastructure to drop malicious scripts on the Ticketmaster checkout page. […] In a report published today, researchers at RisqIQ say they found clues linking the same Magecart operation to the British Airways breach. This breach was announced last week when British Airways said that an unidentified hacker compromised its systems and stole the card details of over 380,000 users.
of this story at Slashdot.
Source:: Slashdot