Via https://newsapi.org online business online marketing online business opportunities Card Skimming Attack Hits 962 eCommerce Stores

Via https://newsapi.org online business online marketing online business opportunities

via https://newsapi.org online business online marketing online business opportunities Favoritevia https://newsapi.org online business online marketing online business opportunities LoadingAdd to favorites

Latest Magecart-style campaign hits nearly 1,000 victims

A massive 962 online shops have had their customers’ card details stolen in just 24 hours, in the largest Magecart-style automated card skimming card campaign identified to date.

That’s according to Amsterdam-based eommerce fraud protection specialist Sanguine Security Labs, which identified the attacks today.

The company – which provides a Magento malware scanner –has sharedthe skimmer’s codebase on a GitHub repo.

Magento is a widely used, open source-based ecommerce platform written in PHP that handles over $100 billion in gross merchandise volume every year.

Our crawlers detected 962 breached stores last night. It is the largest automated campaign to date (previously: MGCore with 700 stores). Decoded skimmer: https://t.co/CCVakmMrR5pic.twitter.com/nIHQFwtRXN

— Sanguine Security Labs (@eComscan)July 5, 2019

Such attacks work via automated probes for compromised store extension software. When opportunities are found, cybercriminals insert a customized Javascript payment overlay for the specific site; essentially inserting a fake credit card payment section.

Willem de Groot from Sanguine Security told Computer Business Review: “This is the largest number of breaches [of] stores over a 24-hour period, which implies that their operation is highly automated. Victims are from all over the world, so were likely chosen opportunistically.”

He added: “I am still waiting for logs to accurately say how they got compromised, but at first glance it appears to be a PHP object injection exploit for an existing vulnerability.”

Magecart Attacks are Rampant

Among the most high-profile victims: British Airways, which had 380,000 customers’ payment detailsstolenin a card skimming attack last August (2018).

US-based threat research firm RiskIQ says it has identified seven core Magecart groups; an umbrella term for threat groups using a range of card skimmers.

RiskIQ identified the groups by analysing unique sets of infrastructure (pools of IP addresses, domains and specific server setup fingerprints); skimmers (unique obfuscation techniques and loading strategies) and targeting (each uses different methods to reach their victims).

It detailed a sprawling array of card skimmers using different techniques, including sophisticated counter-surveillance: one registers domains mimicking ad providers, analytics providers, victim’s domains, and anything else that can be used to hide in plain sight, for example, trying to blend in with normal network traffic by changing file paths to image file extensions instead of normal JavaScript extensions.

Read this: Magecart’s 7 Groups: Hackers Dropping Counter-Intelligence Code in JavaScript Skimmers

Read More

Be the first to comment on "Via https://newsapi.org online business online marketing online business opportunities Card Skimming Attack Hits 962 eCommerce Stores"

Leave a comment

Your email address will not be published.


*