Magecart attacks are getting more sophisticated, and attackers are taking extra measures to evade detection. PerimeterX researchers recently uncovered another common obfuscation technique used in multiple Magecart attacks and provided a mechanism to de-obfuscate and analyze the malware code.
While researchers uncover more and more active attacks, we see businesses struggle to mitigate these attacks in a timely manner. Magecart infections continue to remain active on websites for weeks or months, compromising credit card data in droves, while financial institutions and other businesses bear the cost of the resulting fraud. While it helps to stay current with security patches and software updates, businesses need to invest in client-side visibility solutions that will proactively alert them about Magecart attacks, and drastically shorten the meantime to mitigation.