Expert Comments

Magecart Attacks Expand – Expert Comments

Expert(s): Security Experts
Expert(s): Security Experts

The Malwarebytes research team has linked the Cobalt and Group 4 cybercriminal teams with Magecart. Their findings show that Group 4 is conducting server-side attacks as well as client-side skimming:

Experts Comments

October 07, 2019
Deepak Patel
Security Evangelist
PerimeterX
Magecart groups are slowly being discovered. Unfortunately, It can be difficult to stop them due to the lack of awareness about the vulnerabilities inherent in third-party code on the client side. Attackers continue to exploit the client-side security blind spot within web applications. The complexity of Magecart attacks is slowly coming to light as more security researchers continue to dig into this digital skimming attack variant. This research shows that digital skimming is a serious.....Read More
Magecart groups are slowly being discovered. Unfortunately, It can be difficult to stop them due to the lack of awareness about the vulnerabilities inherent in third-party code on the client side. Attackers continue to exploit the client-side security blind spot within web applications. The complexity of Magecart attacks is slowly coming to light as more security researchers continue to dig into this digital skimming attack variant. This research shows that digital skimming is a serious threat to user data and is difficult to detect because compromised sites do not show any signs of this attack which usually happens directly from the client. Data is exfiltrated bypassing the website owner’s infrastructure unbeknownst to the site owner and the site user. Website owners should monitor the third-party code that runs on their websites to better protect user data. Third-party scripts and libraries may be used to provide a rich user experience, but the site owners that lack the appropriate security controls are allowing Magecart groups to more easily mount digital skimming attacks and harvest user payment information or private data.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

Booz Allen Report On CISOs And China Quantum Computing Risks,...

Experts Reactions On Sky Broadband Hack Warning

Ransomware Set To Break Records This Black Friday 2021

The Changing Face Of The COO Role

Security Expert On Apple Suing NSO Group

Meta Delays Plans To Rollout End-to-end Encryption

NCSC Issues Black Friday Warning To Tetailers

How The Zelle Fraud Scam Steals Your Bank Credentials

GoDaddy Data Breach Impacts Over A Million Users, Experts Reactions

Utah Imaging Data Breach – Expert Comments

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts