Researchers have uncovered a new Grelos skimmer, which demonstrates increased overlaps in Magecart infrastructure and groups making it difficult to separate various campaigns and their collaboration work.
The shift to increasingly online merchant transformation as a result of the pandemic combined with consumers embracing potentially new retailers for out-of-stock items as we enter the holiday season creates the dual-edge sword of retail business growth and increased attack opportunity for criminal groups.
The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers that steal data on web form entry along with more deeply penetrating malware and ransomware to attack and disrupt the merchant data supply-chain to steal PII, financial, and credit card data.
The solution has to be the one-two punch of integrity checking on web sites on a continuous basis to knock out rogue javascript injection, and end to end data protection beyond the web front-end using proven technology including tokenization to render sensitive data useless at the earliest capture point. This potent combination will mitigate these threats and disrupt the attackers own theft-to-darkweb retail business.
One of our predictions for 2021 is that cybercriminal communities will get stronger. The findings about the Grelos skimmer are indicative of the overlap and collaboration between underground communities sharing tools and knowledge. Earlier this year, PerimeterX researchers uncovered Magecart gangs offering skimming-as-a-service toolkits such as Inter, as well as multiple magecart attacks operating on websites simultaneously. It is no longer feasible or useful to identity specific groups given the extent of the overlap behind the scenes.
Website owners must continue to protect their sites and their users’ data by securing their applications and using runtime client-side security solutions. Consumers shopping online must continue to be vigilant about credit card theft and regularly monitor their credit reports.
The shift to increasingly online merchant transformation as a result of the pandemic combined with consumers embracing potentially new retailers for out-of-stock items as we enter the holiday season creates the dual-edge sword of retail business growth and increased attack opportunity for criminal groups.
The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers that steal data on web form entry along with more deeply penetrating malware and ransomware to attack and disrupt the merchant data supply-chain to steal PII, financial, and credit card data.
The solution has to be the one-two punch of integrity checking on web sites on a continuous basis to knock out rogue javascript injection, and end to end data protection beyond the web front-end using proven technology including tokenization to render sensitive data useless at the earliest capture point. This potent combination will mitigate these threats and disrupt the attackers own theft-to-darkweb retail business.
One of our predictions for 2021 is that cybercriminal communities will get stronger. The findings about the Grelos skimmer are indicative of the overlap and collaboration between underground communities sharing tools and knowledge. Earlier this year, PerimeterX researchers uncovered Magecart gangs offering skimming-as-a-service toolkits such as Inter, as well as multiple magecart attacks operating on websites simultaneously. It is no longer feasible or useful to identity specific groups given the extent of the overlap behind the scenes.
Website owners must continue to protect their sites and their users’ data by securing their applications and using runtime client-side security solutions. Consumers shopping online must continue to be vigilant about credit card theft and regularly monitor their credit reports.