Robbery of 50k credit cards from 300 U.S. restaurants using skimmers

On Tuesday, Payment card details from customers of more than 300 U.S. restaurants have been stolen in two web-skimming campaigns targeting three online ordering platforms.

Web-skimmers, or Magecart malware, are usually JavaScript code that collects credit card data when online shoppers type it on the checkout page.

According to Bleeping Computer, Recently, Recorded Future’s threat detection tools identified two Magecart campaigns injecting malicious code into the online ordering portals of MenuDrive, Harbortouch, and InTouchPOS.

As a result, 50,000 credit cards were robbed and have already been put for sale on various marketplaces on the dark web.

On January 18, 2022, the first campaign began and it struck 80 restaurants using MenuDrive and 74 that used the Harbortouch platform.

Many of these restaurants were small local establishments across the U.S. using the platform as a cost-efficient alternative to outsourcing the online ordering process.

On both platforms, the web skimmer was inserted into the restaurant’s web pages and its assigned subdomain on the online payment service’s platform.

“The malware deployed for MenuDrive used two scripts, one for snatching the payment card data and another for collecting the cardholder’s name, email address, and phone number, achieved by attaching to the ‘onmousedown’ event and “responding to clicks of multiple buttons during the account creation and checkout process”,” a source as per Bleeping Computer.



Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of, Inc. or its affiliates Read More

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More