Bill Toulas reports:
Analysts have found the source of a mass breach of over 500 e-commerce stores running the Magento 1 platform and involves a single domain loading a credit card skimmer on all of them.
According to Sansec, the attack became evident late last month when their crawler discovered 374 infections on the same day, all using the same malware.
The domain from where threat actors loaded the malware is naturalfreshmall[.]com, currently offline, and the goal of the threat actors was to steal the credit card information of customers on the targeted online stores.
Read more at BleepingComputer.