2 comments

[ 4.2 ms ] story [ 17.0 ms ] thread
Great writeup, wish the screenshots were a bit higher resolution/more readable
I've found plenty of magecart infections myself. I was surpised at how difficult it was to tell the site owners. Whois privacy,no contact email on their site, no security.txt.

Just a protip,leave some contact info in whois or somewhere on your business site so people can let you know if you get pwned.