Researchers confirmed that Click2Gov, municipal payment software, nearly formed the heart of the most recent government security incident.
Researchers have warned that the websites of all the eight U.S. cities – across three states – have got compromised with the payment card-stealing Magecart skimmers. All the websites utilized Click2Gov municipality payment software, which previously got involved in data breaches.
Unlike other skimmers, this incident only targets website payment forms by Click2Gov. This
software is used in self-service bill-paying portals being used by utilities and community
development organizations.
The attack occurred when victims tried making an online payment on the compromised
Click2Gov website. JavaScript code got injected into the payment page, which loads a credit card skimmer while victims browse the payment page.
To Read More: Threatpost