Since 2014, countless e-commerce sites have been infected by
a credit-card stealing software that was proven to be very difficult to stop.
Security experts revealed that the malware seemed to be unstoppable because
several hacking groups nowadays are using different variations of the code. The
attacks have become consistent and extremely common, which prompted information
security professionals to dub it as Magecart.
Magecart is a type of cyberattack wherein hackers add
malicious computer code into websites as well as third-party suppliers of
digital systems. Their goal is to steal credit card information as customers
key in their details at a checkout page. Although stealing credit card information
online, otherwise referred to as skimming, is not new, the attacks on smaller companies
and on payment pages has become persistent and successful that it lead to the
rise of its very own small cottage industry.
In 2018, several large scale online retailers reported that
their websites have been infected by Magecart hackers. Among these retailers
are Newegg, Sotheby’s, Ticketmaster,
and British Airways.
Volexity researcher Matthew Meltzer said digital card
skimming has attracted countless hackers due to its simplicity and high
probabilities of success.
“Other attacks rely on social engineering, the installation
of malware, or the direct compromise of databases containing sensitive
information.” Meltzer added. “One of the reasons why digital credit
card skimmers have grown in popularity is likely due to the ease of this
attack methodology as well as its success rate in comparison to others,” he explained.
The success of Magecart can be partly attributed to the fact
that it is almost impossible for a customer to detect, as per Symantec’s
security researcher Candid Wueest.
Skimming usually happens when consumers enter their credit
card info when buying something online. Wueest explained that online consumers
have no way of knowing of the theft. He said, “You will have basically no
chance by naked eye.”
Megacart became increasingly popular in 2018 but the malware
can be traced by to 2014, according to RiskIQ’s head researcher Yonathan
Klijnsma. The skimming activity has increased significantly over the years. He
said the web based credit card skimming has become a small black market
industry. Researchers at RiskIQ were able to track the code type used by
skimmers and discovered that they were being sold in dark web forum sin 2016. That
resulted to a rise in groups purchasing and selling the building blocks of code
for the successful execution of the Magecart attacks.
Klijnsma reported that they discovered six groups that sold
various code skimming kits. Other groups build their own, with about 11
different groups utilizing some sort of code to skim consumers’ credit card information.
And even though he cannot provide a rough estimate as to the number of credit
card information that were stolen, Klijnsma said he believes that skimmers had
accumulated far more credit cards than what were stolen in high profile
breaches such as those of Target and Home Depot.
Protect your company, your consumers, and your personal information. Call SpartanTec, Inc. now.
SpartanTec, Inc.
517 Owen Dr
Fayetteville, NC 28304
(910) 745-7776
http://manageditservicesfayetteville.com
Cities Served:
Fayetteville, Spring Lake, Hope Mills, Dunn, Aberdeen, Southern Pines, Pinehurst, Sanford, Clinto
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.