MageCart Cyber Gang Compromised Feedify Cloud Service Architecture

Cloud service firm Feedify has been compromised by a crime gang known as MageCart. The gang have been very active the past few months. The gang has targeted hundreds of e-commerce websites and payment card data since compromising an entire cloud service.

How many Customers got Affected?

The firm has more than 4000 active clients in its cloud platform. The platform is used to engage clients with powerful tools that target users of e-commerce websites.

Feedify requires customers to add JavaScript code to their client’s websites to use their service, the hackers of MageCart compromised the service by inserting malicious code. The affected library was called “feedbackembad-min-1.0.js” which was compromised by MageCart therefore affecting every customer of Feedify whom inserted the script into their website, this resulted in the malicious code being injected into every client’s website.

The group has been actively attacking services since 2015 with many e-commerce websites experiencing cases of stolen payment card information and other sensitive data. The malicious code inserts a skimmer script that records payment data.

What is the link between British Airways Hack and Feedify Hack?

The same group also hacked British Airways using the same methodology. You can read more about the story below.

How did British Airways get Hacked?

The Security firm RiskIQ has reported that the MageCart group carried out the attack in a methodical manner, whilst they used a customised version for the British Airways it was all part of a larger attack. The same strategy was utilised to compromise the Feedify service.

RiskIQ has also reported that the Hackers of MageCart may have access to the Feedify’s servers for over a month now. When the company was notified of the compromise they immediately removed the script from their webpage.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients