Researchers from British Airways have discovered that the group that recently performed a large hack is the same one that attacked Ticketmaster. The Magecard Group has been active since 2015, when it was first discovered by researchers from RisqIQ and ClearSky.
Last week it was announced that British Airways had been hacked and that the credit card details of 380,000 users had been captured. The British airline did not reveal any technical details about the attack, but did let it know that the attacker captured information about payments captured via the main site, ba.com, and the mobile app.
In the case of the British Airways site, it appeared that a file that had not been modified since 2012 was changed in the course of 21 August 2018. That’s the day before the hack, according to the airline, took place. It turned out that a piece of code had been added to the file that stores interactions with the payment form. It is striking that the mobile app was also hacked immediately, which according to the researchers at RisqIQ was possible because the payment interface of the ba.com site was loaded directly into the mobile app.
Magecart has been active for three years now. The hacker group has captured data from thousands of websites, including a while ago from Ticketmaster and last week British Airways was also affected by the group. Every year the group becomes more active and larger targets are attacked.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.