Security & Fraud

Malicious Malware Detected On American Cancer Society’s eComm Site

Credit Card Stealing Code Inserted Into American Cancer Society’s Website

A security researcher discovered that credit card-stealing malware was inserted into the code of the American Cancer Society’s online store, according to TechCrunch.

Willem de Groot discovered the malicious code buried deep, and hidden to look like analytics code. It was meant to scrape credit card numbers for sale on the dark web or other malicious activities.

There have been similar attacks on Newegg, AeroGarden, British Airways and Ticketmaster. The attackers are a hacking group called Magecart, and they’ve been known to attack others in similar ways.

The code is meant to send the numbers to a third-party server, but it was malformed and put in twice. De Groot decoded the information and discovered the web address of the server. The domain is registered in Moscow, but the website that exists only as a decoy page.

The code was removed on Friday (Oct. 25), and it’s not currently known how many people were affected by it. TechCrunch recommends anyone who used a credit card on the American Cancer Society website to contact their payments provider. 

There are at least six different groups operating as Magecart, according to TechCrunch, and security researcher Yonathan Klijnsma, who works at RiskIQ, has been tracking them for a while.

He said they’re a “thriving criminal underworld that has operated in the shadows for years.”

“Magecart is only now becoming a household name,” he added.

The first Magecart group started as early as 2014, when it would set its sights on thousands of sites and then store the stolen data. Groups 2 and 3 started skimming credit cards, and group 4 hacked more than 3,000 sites and grabbed as many card numbers as it could.

Groups 5 and 6 did some of the more high-profile attacks, with the latter responsible for British Airways and Newegg. If the malicious code is discovered, the perpetrators simply move on to another site.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.