Magecart strikes again, this time at electronics retailer Newegg

Researchers say the hacking group is getting better at finding ways to leverage faults in Javascript to hide and carry out breaches of credit card payment systems.
(Getty Images)

Code has been discovered siphoning credit card numbers from consumer technology retail website Newegg, according to security researchers from two cybersecurity companies.

In reports published Wednesday by RiskIQ and Volexity, researchers discovered instances of code liked to the operators of Magecart, a group that has been behind a slew of recent, high-profile credit card number breaches.

Thieves have been siphoning credit card data since Aug. 14, when a piece of Javascript was inserted into Newegg’s payment sites. That code pulled credit card numbers and sent them to a site with a similar URL — neweggstats[.]com. According to Volexity, the code wasn’t removed from the Newegg payment site until Tuesday.

Newegg is an extremely popular retailer, ranking 161 on Alexa’s list of top websites in the U.S. According to SimilarWeb, the site receives 50 million visitors a month.


“Over an entire month of skimming, we can assume this attack claimed a massive number of victims,” a blog from RiskIQ read.

Magecart has been behind a number of recent breaches, including ones targeting British Airways’ website and mobile app and a third-party customer service chat application used on Ticketmaster’s UK website.

Volexity writes that the Newegg attack shows that Magecart is refining its practices, getting better at ways to leverage faults in Javascript to hide and carry out crimes.

“This type of refinement is sure to continue as new organizations are targeted,” a blog post from Volexity’s research team reads. “While Magecart may be a major threat which eCommerce companies need to protect against, the larger issue is the increasing use of JavaScript-based data theft frameworks. … With minimal setup or knowledge required, these attacks will surely increase as time goes on.”

Newegg did not respond for comment.

Greg Otto

Written by Greg Otto

Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University.

Latest Podcasts