The target: Over 17,000 websites using Amazon’s S3 public cloud storage.
The take: Credit Card payment information and personal data.
The attack vector: MageCart Group perpetrated the hacking campaign which methodically scanned and identified 17,000 unique, misconfigured Cloud Storage buckets. After locating an unsecured cloud storage server, they focused on JavaScript files which they then downloaded, added their card skimming script, and then reuploaded the now infected files.