The Feedify notification service has added to the list of victims of the malicious MageCart campaign, which included Ticketmaster Ticketmaster and British Airways.
According to experts, the library was modified on August 17 this year, September 11 Placebo notified the company of its findings. On the same day, the malicious code was deleted, but after a day the file was again infected. The company removed the code again, but the MageCart members were persistent and added it a third time. At the time of writing, the file feedbackembad-min-1.0.j still contained the MageCart script.
Grouping MageCart is active since 2015. The first two years, attackers mostly attacked sites on the Magento platform, but later changed tactics and switched to larger services.