November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – A New Class of Bugs Affecting Windows and its Drivers
March 21, 2019Rewterz Threat Advisory – Oracle Solaris Multiple Third Party Components Multiple Vulnerabilities
March 22, 2019Rewterz Threat Alert – A New Class of Bugs Affecting Windows and its Drivers
March 21, 2019Rewterz Threat Advisory – Oracle Solaris Multiple Third Party Components Multiple Vulnerabilities
March 22, 2019
Severity
Medium
Analysis Summary
Two Magecart-related breaches have been observed involving credit card fraud. One of these has been resolved but was never disclosed while the other is still in process.
In both cases, the potential victims of credit card fraud, the consumers, have not been informed.
Impact
Credit card fraud
Indicators of Compromise
| IP(s) / Hostname(s) | secure[.]livechatinc[.]org www[.]cdnmage[.]com www[.]js-cloud[.]com www[.]magescripts[.]pw |
| URLs | cdnassels[.]com cdnmage[.]com cmytuok[.]top configsysrc[.]info hxxp[:]//magescripts[.]pw/ext-payment[.]js hxxps[:]//mypiltow[.]com/js/mage/bundle[.]js hxxps[:]//secure[.]livechatinc[.]org/license/9655505/v2/get_dynamic_config[.]js js-cloud[.]com magejavascripts[.]com magescripts[.]pw magesecuritys[.]com mcloudjs[.]com mypiltow[.]com |
Remediation
Block the threat indicators at their respective controls..