Magecart Group Targets Routers Behind Public Wi-Fi Networks

Using airport wifi? Those ads may carry more than just a great offer…:

[…] “When offering Wi-Fi service, most vendors do not support proxying adverts or JavaScript injection,” researchers said. “So why do we often see ads when we connect via captive portals? That’s because Wi-Fi vendors looking to make extra profit from third parties may offer the hotel a discounted price for the Wi-Fi operation if it allows midstream ads to run before guests connect.”

That opens the door for attackers to inject the malicious code via these JavaScript files – which is what researchers fear that Magecart Group 5 is aiming to do.


Original article here