Well crap. It looks like JavaScript library Feedify got owned and were serving Magecart 😬 any comment @_Feedify?

Check out the regex, looking for generic checkout processes 😬

The Feedify thing is real, I've put in some YARA rules on web browsing threat intel feeds and it doesn't look like this is an isolated library either. Fun. Now I'm off to play Call of Duty and drink beer while I realise breaches are coming.





For anybody who missed it, the Feedify JavaScript library was compromised with code mirroring Magecart, which steals credit cards. @_Feedify quietly fixed it, haven't notified anybody and aren't responding to press. Feedify are embedded in thousands of ecommerce websites.

The Magecart code is back in @_Feedify's shared JavaScript library again. All vendors (e-commerce, hotels etc) need to remove this JavaScript link ASAP from their stores as Feedify are clearly compromised.

You can follow @GossiTheDog.
