dcsimg

Magecart criminals caught stealing with their poker face on

Earlier in June, we documented how Magecart credit card skimmers were found on Amazon S3. This was an interesting development, since threat actors weren’t actively targeting specific e-commerce shops, but rather were indiscriminately injecting any exposed S3 bucket. Ever since then, we’ve monitored other places where we believe a skimmer might be found next. However, we were … [Read more...]

No summer break for Magecart as web skimming intensifies

This summer, you are more likely to find the cybercriminal groups Magecart client-side rather than poolside. Web skimming, which consists of stealing payment information directly from within the browser, is one of today’s top web threats. Magecart, the group behind many of these attacks, gained worldwide attention with the British Airways and TicketMaster breaches, costing the former … [Read more...]

No man’s land: How a Magecart group is running a web skimming operation from a war zone

Our Threat Intelligence team has been monitoring the activities of a number of threat actors involved in the theft of credit card data. Often referred to under the Magecart moniker, these groups use simple pieces of JavaScript code (skimmers) typically injected into compromised e-commerce websites to steal data typed by unaware shoppers as they make their purchase. During the course of an … [Read more...]

Skimmer acts as payment service provider via rogue iframe

Criminals continue to target online stores to steal payment details from unaware customers at a rapid pace. There are many different ways to go about it, from hacking the shopping site itself, to compromising its supply-chain. A number of online merchants externalize the payment process to a payment service provider (PSP) for various reasons, including peace of mind that transactions will be … [Read more...]

GitHub hosted Magecart skimmer used against hundreds of e-commerce sites

Every day, new e-commerce websites fall into the hands of one of the many Magecart skimmers. Unbeknownst to shoppers, criminals are harvesting their personal information, including payment details in the online equivalent of ATM card skimming. Most often the skimming code—written in JavaScript and obfuscated—is hosted on infrastructure controlled by attackers. Over time, they have created … [Read more...]

New Golang brute forcer discovered amid rise in e-commerce attacks

E-commerce websites continue to be targeted by online criminals looking to steal personal and payment information directly from unaware shoppers. Recently, attacks have been conducted via skimmer, which is a piece of code that is either directly injected into a hacked site or referenced externally. Its purpose is to watch for user input, in particular around online shopping carts, and send the … [Read more...]

How to protect your data from Magecart and other e-commerce attacks

In today’s golden age of online shopping, consumers take to the Internet, punch in a few credit card details, and happily receive products at their doorstep, safe in the knowledge that their online vendor is well-known, vetted, and therefore their website has to be secure, right? Dut did you know that hackers can steal your credit card details with only a few lines of JavaScript? Attacks on … [Read more...]