Hundreds of counterfeit branded shoe stores hacked with web skimmer

Hundreds of counterfeit branded shoe stores hacked with web skimmer

According to the latest research from Malwarebytes, many of the websites selling branded sneakers aren’t as reliable as we think they are. 


Research suggests that there are hundreds of fake branded shoe websites that are infected with credit card skimmer, which is a type of malware that skims financial data from payment cards that users provide at the time of checking out. The websites that run the old and outdated versions of Magento and the PHP programming language are the key targets of this campaign.


See: New privacy tool exposes which website leaves your data unprotected


An analysis of these fake websites revealed that all had something or the other in common. Such as, either these ran similar templates using outdated Magento version or PHP programming language. It is believed that attackers were most probably looking for fake websites to inject malware and were lucky to find so many.



“I think it’s an automated scanner that happened to crawl those IP ranges and because all sites are pretty much a copy of each other (and all outdated), it had a field day”, stated Jérôme Segura, Malwarebytes’ threat intelligence researcher in their blog post.


Malwarebytes claims that this is a large-scale hacking campaign launched to steal the credit cards of unsuspecting users. The injection of malicious scripts into the websites is known as the hundreds counterfeit branded stores hacked skimmer