Quote:Security researchers have spotted a new tactic being trialed by Magecart hackers: targeting commercial grade routers to skim large volumes of card details.
 
Magecart is the generic name given to a number of groups using JavaScript code to covertly steal card details from users. The tried-and-tested technique used up until now involves injecting this code into a website’s payment page, either directly or through the compromise of a third-party provider.
 
However, according to IBM, Magecart Group 5 (MG5) is testing malicious code which could be injected into legitimate JavaScript loaded by Layer 7 routers.
 
These routers are typically used in venues such as airports, casinos and hotels to serve large numbers of users — theoretically giving the attackers a major haul of card details if they succeed.
 
“We believe that MG5 aims to find and infect web resources loaded by L7 routers with its malicious code, and possibly also inject malicious ads that captive users have to click on to eventually connect to the internet,” IBM said in its report.