Expert Comments

Experts On New Grelos Skimmer Variant Reveals Overlap in Magecart Activities

Expert(s):
Expert(s):

Researchers have uncovered a new Grelos skimmer, which demonstrates increased overlaps in Magecart infrastructure and groups making it difficult to separate various campaigns and their collaboration work.

Experts Comments

Dot Your Expert Comments
Mark Bower
November 20, 2020
Senior Vice President
comforte AG

The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers.
The shift to increasingly online merchant transformation as a result of the pandemic combined with consumers embracing potentially new retailers for out-of-stock items as we enter the holiday season creates the dual-edge sword of retail business growth and increased attack opportunity for criminal groups. The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers that steal data on web form entry along with more deeply penetrating malware and.....Read More
The shift to increasingly online merchant transformation as a result of the pandemic combined with consumers embracing potentially new retailers for out-of-stock items as we enter the holiday season creates the dual-edge sword of retail business growth and increased attack opportunity for criminal groups. The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers that steal data on web form entry along with more deeply penetrating malware and ransomware to attack and disrupt the merchant data supply-chain to steal PII, financial, and credit card data. The solution has to be the one-two punch of integrity checking on web sites on a continuous basis to knock out rogue javascript injection, and end to end data protection beyond the web front-end using proven technology including tokenization to render sensitive data useless at the earliest capture point. This potent combination will mitigate these threats and disrupt the attackers own theft-to-darkweb retail business.  Read Less
Ameet Naik
November 20, 2020
Security Evangelist
PerimeterX

Website owners must continue to protect their sites and their users’ data.
One of our predictions for 2021 is that cybercriminal communities will get stronger. The findings about the Grelos skimmer are indicative of the overlap and collaboration between underground communities sharing tools and knowledge. Earlier this year, PerimeterX researchers uncovered Magecart gangs offering skimming-as-a-service toolkits such as Inter, as well as multiple magecart attacks operating on websites simultaneously. It is no longer feasible or useful to identity specific groups given.....Read More
One of our predictions for 2021 is that cybercriminal communities will get stronger. The findings about the Grelos skimmer are indicative of the overlap and collaboration between underground communities sharing tools and knowledge. Earlier this year, PerimeterX researchers uncovered Magecart gangs offering skimming-as-a-service toolkits such as Inter, as well as multiple magecart attacks operating on websites simultaneously. It is no longer feasible or useful to identity specific groups given the extent of the overlap behind the scenes. Website owners must continue to protect their sites and their users’ data by securing their applications and using runtime client-side security solutions. Consumers shopping online must continue to be vigilant about credit card theft and regularly monitor their credit reports.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

Microsoft Multiple 0-Day Attack – Tenable Comment

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Expert Reaction On Go Is Becoming The Language Of Choice...

Experts On Google Voice Outage

Expert Reaction On GCHQ To Use AI In Cyberwarfare

Comment: Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab...