MageCart Attacks: My Pillow & Amerisleep Bedding Retailers Targetted


On 20th March 2019, the cybersecurity researchers have disclosed the details of the two newly identified MageCart attacks that targeted the online shoppers of bedding retailers, MyPillow and Amerisleep. MageCart is an umbrella term that the researchers gave to a minimum of 11 different hacking groups which are specialized in implanting the malware code on the e-commerce websites in order to steal the payment card details of their customers without their knowledge. In the last year as well, the MageCart has been in the limelight after the attackers had conducted several high-profile cyber attacks against the major international companies like the British Airways, Newegg and Ticketmaster. The MageCart hackers use a digital payment card skimmer and a few lines of the malicious JavaScript code which they insert into the checkout page of the hacked websites and are designed to capture the payment information of the customers in real time and then send it to the remote server that is being controlled by the attacker.

In this incident, the MageCart attackers compromised almost 277 e-commerce website in a supply-chain attack by inserting the skimming code into a popular third-party JavaScript library from the Adverline. The new report shared by the RiskIQ stated that the researchers have revealed two new breaches related to MageCart that compromised the online bedding retailers, MyPillow and Amerisleep and stole the payment information of their customers. Similar to the previous attacks, the MageCart hackers implanted the digital skimming code on both the websites and managed to skim the payment cards of their customers during the online transactions. Amerisleep has undergone such attacks several times in the year 2017 and in 2018 it again took place in the month of December. On the other hand, MyPillow was breached in October 2018 wherein the hackers used the technique “typosquatting” for their purpose.


Please enter your comment!
Please enter your name here