MageCart Gang Recently Targeted P&G E-Store

The notorious MageCart Gang once again made it to the news since attacking another e-commerce store. This time, it is a P&G e-store that suffered the MageCart attack. The ‘First Aid Beauty’ site infection remained unnoticed for several months.

P&G E-Store Under MageCart Attack

Reportedly, an online beauty store belonging to Procter And Gamble has recently suffered a malware attack. The P&G e-store faced the MageCart attack that kept the site infected since May 2019.

The researcher Willem de Groot first noticed this attack. He also explained that the attack, which continued since May 5, 2019, had a ‘fairly advanced’ operation. The malicious code on the website would remain dormant for visitors outside US. Also, it stayed inactive upon detecting Linux users. The latter feature seemed an attempt to evade detection since most security researchers use Linux.

De Groot shared the news in one of his tweets.

Although, the skimmer code, in this case, looked heavily obfuscated. The researcher also shared a deobfuscated version that looks poised to steal from users.

P&G Investigating The Attack

Upon discovering the existence of the malicious code, the researcher reported it to Procter and Gamble. However, he didn’t hear anything back from the firm for over a week. Eventually, he disclosed the matter publicly in a tweet.

Finally, according to BleepingComputer, the affected website no longer contains malicious code. Also, the firm has released a statement regarding the matter.

Consumer trust is fundamental to us, and we take data privacy very seriously. As soon as we learned about the compromise of the First Aid Beauty site, we moved quickly to take the site down and minimize the impact to our consumers. We are currently investigating the source of the malware and working to identify and notify those consumers who might have been impacted to ensure we provide them the necessary support.

However, until the time of writing this article, the website displayed an ‘Error 503: Service Unavailable’ note.

First Aid Beauty is an online beauty store originally established in 2009. Last year, P&G acquired it for $250 million. However, the company did not integrate the website to P&G, and the brand continued to exist seemingly independently.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients