Payment Pages Are Being Compromised To Steal Data 

October 9, 2018

Written by wukovits

Symantec’s most recent statistics have revealed a disturbing trend.  Malware designed to compromise checkout pages is seeing a big spike in use, with the company reporting a staggering 248,000 attempts since August 13th of this year, with more than a third of them (36 percent) between September 13th through September 20th. As disturbing as those numbers are, that’s just the tip of the iceberg.

As Symantec notes on their website:

“If we compare the week of September 13 to 20 to the same week in August, the number of instances of formjacking attacks blocked by Symantec more than doubled, jumping from just over 41,000 to almost 88.500 – a percentage increase of 117 percent.”

Leading the surge is a particularly nasty strain of malware known as “Magecart.”  Magecart campaigns are quite robust that begin by breaching the target website, then injecting malicious scripts into it that are designed to scrape card details and other customer information provided during the checkout process. This is an attack that’s alternately known as formjacking, payment card scraping, and web-based skimming.

Symantec isn’t the only company to take note of the trend.  RiskIQ has been sink holing domains associated with Magecart infrastructure for much of the month and alerting companies compromised by Magecart attacks as they find them.

Kevin Beaumont, an independent security researcher, had this to say via Twitter:
“#TrackingMagecart I’ve updated the IoCs to double the number of domains, now tracking over 1000 objects – some of the domains have now been sink holed.  Recommend InfoSec vendors block/flag domains.”

Magecart isn’t new.  Security researchers have been tracking it since 2015, and independent researcher Willem de Groot has created a malware scanning website called MageReport, which allows business owners to check to see if their Magento-based webshop is vulnerable to this type of attack.  If you think you might be, it certainly bears making use of.

At present, the one thing that’s not known is the reason behind the sudden spike.  Only that it’s happening.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Unlocking Small Business Success: The Impact of AI in a Digital Era

In the rapidly evolving business landscape, staying competitive necessitates embracing technological advancements. Artificial Intelligence (AI), once perceived as a luxury for larger enterprises, is now accessible to small businesses, offering new opportunities for...

Major Cyber Attack at OMV

Louisiana’s Office of Motor Vehicles (OMV) is one of a still undetermined number of government entities, major businesses, and organizations to be affected by an unprecedented Data Breach.There is no indication at this time that cyber attackers who breached MOVEit...

New Graphene Technology May Increase Hard Drive Storage

HDDs are old, well understood technology. They haven't changed much in recent years. In fact, increasingly, people are writing them off, preferring SSDs for their greater speed and smaller size, even though HDDs are less expensive. The clever folks at the University...

Send us a message

Your message was sent.