Attackers Exploit Google Tag Manager for Card Skimming on Magento Sites

Google Tag Manager, a free tool that website owners use to manage and deploy marketing tags, has been exploited by attackers to steal payment card data from e-commerce sites built on the Magento platform. Researchers from Sucuri discovered an ongoing Magecart campaign that loads malicious code from a database onto these sites; the code appears to be a standard Google Tag Manager (GTM) and Google Analytics tracking script.

A New Type of Magecart Attack

The attackers tweaked the code to act as a card skimmer for the infected site, demonstrating a new type of Magecart attack that leverages a legitimate free tool from Google. GTM eliminates the need for developer intervention each time a marketer aims to track or modify an ad or marketing campaign.

Sucuri’s Investigation

Sucuri security analyst Puja Srivastava revealed that within the GTM tag, there was an encoded JavaScript payload that acted as a credit card skimmer. This script was designed to collect sensitive data entered by users during the checkout process and send it to a remote server controlled by the attackers. So far, Sucuri has uncovered at least six sites affected by the campaign, indicating that this threat is actively affecting multiple sites.

Exploiting a Legitimate Google Tool for Card Skimming

The campaign is an atypical Magecart attack: it abuses a legitimate free tool from Google that lets website owners manage and deploy marketing tags on their website without needing to modify the site’s code directly. GTM is useful to website owners because it eliminates the need for developer intervention each time a marketer aims to track or modify an ad or marketing campaign.

Mitigation and Remediation of Magecart Attacks

To prevent such attacks, Sucuri recommends that e-commerce site administrators log in to GTM and identify and delete any suspicious tags that are being used on the site. They should also perform a full website scan to detect any other malware or backdoors and remove any malicious scripts or backdoor files.

Magecart Campaigns and Consequences

Magecart campaigns typically inject card skimmers into websites to steal payment card data that can later be monetized. Big-name organizations that have been targeted by these attacks include Ticketmaster, British Airways, and the Green Bay Packers NFL team. The consequences of such attacks can be severe, including financial losses and damage to the organization’s reputation.

Prevention and Detection

To ensure an organization’s e-commerce site has not been affected by the campaign, administrators should regularly monitor e-commerce site traffic and GTM activity for anything unusual. E-commerce sites built on Magento and their extensions should also be updated with the latest security patches.
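
One way to carry out the tag review and scan recommended above, as an added example (not Sucuri's code and not part of the original article): a Python check that flags stored page snippets referencing a GTM container outside an approved list or containing markers of encoded JavaScript. The container IDs, row names and sample rows are constructed, and the obfuscation patterns are assumed heuristics.

```python
import re

# Assumption: container IDs the site owner has approved (constructed value).
APPROVED_CONTAINERS = {"GTM-AAAA111"}

GTM_ID = re.compile(r"\bGTM-[A-Z0-9]{4,10}\b")
# Assumed heuristics for encoded or dynamically evaluated JavaScript.
OBFUSCATION = {
    "eval/Function call": re.compile(r"\b(?:eval|Function)\s*\("),
    "base64 decode": re.compile(r"\batob\s*\("),
    "char-code assembly": re.compile(r"String\.fromCharCode"),
    "long encoded literal": re.compile(r"[\"'][A-Za-z0-9+/=]{80,}[\"']"),
}

def audit_snippet(html, approved=APPROVED_CONTAINERS):
    """Return findings for one stored HTML/JS snippet."""
    findings = [f"unapproved GTM container {cid}"
                for cid in sorted(set(GTM_ID.findall(html)) - set(approved))]
    findings += [label for label, rx in OBFUSCATION.items() if rx.search(html)]
    return findings

def audit(rows, approved=APPROVED_CONTAINERS):
    """Map row name -> findings, keeping only rows that need review."""
    report = {name: audit_snippet(html, approved) for name, html in rows.items()}
    return {name: f for name, f in report.items() if f}

# Constructed sample rows, standing in for content exported from the site database.
GTM_URL = "https://www.googletagmanager.com/gtm.js?id="
ENCODED = "QUJD" * 25  # harmless placeholder: base64 of "ABC" repeated
SAMPLE_ROWS = {
    "footer_block": f'<script async src="{GTM_URL}GTM-AAAA111"></script>',
    "checkout_block": (f'<script async src="{GTM_URL}GTM-ZZZZ999"></script>'
                       f'<script>var p = atob("{ENCODED}"); eval(p);</script>'),
}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_ROWS).items():
        for finding in findings:
            print(f"{name}: {finding}")
```

A flagged row is a prompt for manual review of the corresponding tag in GTM, not proof of compromise, since legitimate tags can also use these constructs.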

