French Designer Clothing Line “A.P.C” compromised by MageCart Credit Card Theft Group
This blog post was submitted by @MeltX0R, a security researcher.
www.apc-us.com – Compromised Website
secure.checkercarts.com – MageCart owned domain used for Data Exfil
secure.itenvoirtech.com – MageCart owned domain used for Data Exfil
secure.upgradenstore.com – MageCart owned domain used for Data Exfil
aquastora.com – MageCart owned domain used for Data Exfil
IMAGES AND DETAILS:
Attempts to notify A.P.C of the compromise were made via phone and email, however we have yet to hear back. As of 10/16/2018, the code is still active on the website.
As of 10/18/2018, the malicious script is no longer being loaded.
MALICIOUS FILES ASSOCIATED WITH MAGECART: