Search results for: Magecart

online shop owned

Ticketmaster breach part of massive credit card skimming campaign

RiskIQ researchers have discovered that the recent breach of Ticketmaster was not a one-off event as initially reported, but part of a massive digital credit card-skimming campaign by the threat group Magecart affecting over 800 e-commerce sites around the world. Magecart has evolved tactically from hacking sites directly, to now targeting widely used third-party components. This approach grants them access to even more victims-sometimes 10,000 or more instantly. According to researchers, Magecart likely breached the … More

abstract, generic

Week in review: Acunetix 11 review, BEC scams exposed, innovation and cybercrime

Here’s an overview of some of last week’s most interesting news and articles: 751 domains hijacked to redirect visitors to exploit kit An unknown attacker has managed to modify the name servers assigned to 751 domains, which resulted in some visitors to the hijacked domains being redirected to a site hosting the Rig Exploit Kit and delivering the Neutrino Bot. Getting the most out of your SIEM investment The challenge is SIEM systems are inherently … More

payment card

How Magecart attackers monetize stolen payment card info

The Magecart campaign, aimed at compromising online shops with malicious JavaScript code to collects payment card info, is still going strong, and researchers have pinpointed another way threat actors behind it monetize the stolen information. First spotted in October 2016 by RiskIQ and ClearSky researchers, Magecart mainly hits e-commerce sites running outdated and unpatched versions of shopping cart software from Magento, Powerfront, and OpenCart. After gaining access to the web platforms, the attackers change the … More

shop online

How to create a safer shopping experience

The annual holiday season has arrived. The air grows crisp (at least in the Northern hemisphere), new, cool gadgets are released and cyberattacks, along with cologne ads, proliferate. Cyber threats aren’t deterring shoppers though: The National Retail Federation expects online holiday sales to increase by 7 to 10 percent over last year, reaching as much as $117 billion. With e-commerce attacks in Q3 2016 increasing by 60 percent over the previous year, shopping hazards can … More

online shop owned

100+ online shops compromised with payment data-stealing code

Since March 2016 (and possibly even earlier), someone has been compromising a variety of online shops and injecting them with malicious JavaScript code that exfiltrates payment card and other kinds of information users entered to pay for their shopping. The threat actor has compromised more than 100 online shops, including that of UK book publishing house Faber and Faber, clothing/fitness company Everlast, GUESS Australia, fashion brand Rebecca Minkoff, beauty products retailer The Beauty Place, and … More