Researchers have uncovered a new Grelos skimmer, which demonstrates increased overlaps in Magecart infrastructure and groups making it difficult to separate various campaigns and their collaboration work.
The shift to increasingly online merchant transformation as a result of the pandemic combined with consumers embracing potentially new retailers for out-of-stock items as we enter the holiday season creates the dual-edge sword of retail business growth and increased attack opportunity for criminal groups.
The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers that steal data on web form entry along with more deeply penetrating malware and ransomware to attack and disrupt the merchant data supply-chain to steal PII, financial, and credit card data.
One of our predictions for 2021 is that cybercriminal communities will get stronger. The findings about the Grelos skimmer are indicative of the overlap and collaboration between underground communities sharing tools and knowledge. Earlier this year, PerimeterX researchers uncovered Magecart gangs offering skimming-as-a-service toolkits such as Inter, as well as multiple magecart attacks operating on websites simultaneously. It is no longer feasible or useful to identity specific groups given the extent of the overlap behind the scenes.
Website owners must continue to protect their sites and their users’ data by securing their applications and using runtime client-side security solutions. Consumers shopping online must continue to be vigilant about credit card theft and regularly monitor their credit reports.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics