Click2Gov, Again? – Magecart-Style Credit Card Skimming Potentially Enabled by Click2Gov Vulnerabilities

DataBreaches.net states it best…”Here we go again?” As previously published in several Security & Resilience Updates, December 2019 – February 2020 included a significant spate of local and municipal government entities being impacted by vulnerabilities with online payment application Click2Gov. According to cybersecurity firm TrendMicro, they have identified at least eight U.S. cities across three states who have fallen victim to a Magecart style card skimming attack. These sites all appear to have been built using Click2Gov. In these attacks, their websites were compromised to host credit card skimmers which passed on the credit card information of residents to cybercriminals. The information exfiltrated included credit card details and personal information. TrendMicro’s analysis of both the skimmer and the infrastructure used could not find any connections between this breach and the incidents in 2018 and 2019. Nevertheless, five of the eight cities were also affected in the previous breaches; they believe that these attacks started on April 10 and are still active. Additionally, the city of Palm Bay Florida issued a notification that it is currently investigating a security breach potentially linked to Click2Gov. Read more at TrendMicro