Security researchers at IBM have discovered that hackers are implementing scripts onto Layer 7 routers to steal the card payment details of users.
Now, however, the IBM researchers claim that malicious Magecart code is being added to commercial routers that are used for large networks, such as those employed in casinos, airports, hotels, and resorts.
“These sectors are heavily targeted by cyber-criminals for the rich customer data they process, which often includes payment card data as well – a hallmark of the Magecart conglomerate,” said the report.
Layer 7 routers can access traffic at an application level, which means that unlike most other routers, they can access and manipulate traffic based on data other than IP addresses – such as cookies and browser types.
Ultimately, this makes it possible for hackers to deploy Magecart scripts into the browser sessions of users connected to these routers.
“The ability to target users stems from third-party risk that attackers are leveraging,” said the report.