Magecart Attacks Expand – Expert Comments

The Malwarebytes research team has linked the Cobalt and Group 4 cybercriminal teams with Magecart. Their findings show that Group 4 is conducting server-side attacks as well as client-side skimming:

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Deepak Patel
Deepak Patel , Security Evangelist
InfoSec Expert
October 7, 2019 11:17 am

Magecart groups are slowly being discovered. Unfortunately, It can be difficult to stop them due to the lack of awareness about the vulnerabilities inherent in third-party code on the client side. Attackers continue to exploit the client-side security blind spot within web applications.

The complexity of Magecart attacks is slowly coming to light as more security researchers continue to dig into this digital skimming attack variant. This research shows that digital skimming is a serious threat to user data and is difficult to detect because compromised sites do not show any signs of this attack which usually happens directly from the client. Data is exfiltrated bypassing the website owner’s infrastructure unbeknownst to the site owner and the site user.

Website owners should monitor the third-party code that runs on their websites to better protect user data. Third-party scripts and libraries may be used to provide a rich user experience, but the site owners that lack the appropriate security controls are allowing Magecart groups to more easily mount digital skimming attacks and harvest user payment information or private data.

Last edited 2 years ago by Deepak Patel
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x