In a world that’s growing increasingly digital, Magecart attacks have emerged as a key cybersecurity threat to e-commerce sites.Magecart, which is in the news a lot lately, is an umbrella term given to 12 different cyber criminal groups that are specialized in secretly implanting a special piece of code on compromised e-commerce sites with an intent to steal payment card details of their customers.The malicious code—well known as JS sniffers, JavaScript sniffers, or online credit card skimmers—has been designed to intercept users’ input on compromised websites to steal customers’ bank card numbers, names, addresses, login details, and passwords in real time.
Magecart made headlines last year after cybercriminals conducted several high-profile heists involving major companies including British Airways, Ticketmaster, and Newegg, with online bedding retailers MyPillow and Amerisleep being recent victims of these attacks.The initial success of these attacks already indicated that we are likely going to be seeing a lot more of it in coming days.Security firm Group-IB today published a report, which it shared with The Hacker News prior to its release, detailing nearly 38 different JS-Sniffer families that its researchers documented after analyzing 2440 infected e-commerce websites.All these JS-Sniffer families have been categorized into two parts. The first one is the universal code that can be integrated into any website, for example, G-Analytics and WebRank families of JS-sniffers.
Whereas, the second type of JS-Sniffers—which includes PreMage, MagentoName, FakeCDN, Qoogle, GetBilling, and PostEval families—have primarily been designed to work with specific Content Management Systems such as Magento, WooCommerce, WordPress, Shopify, and OpenCart.
“At least 8 of these families [such as GMO, TokenLogin, and TokenMSN] are described for the first time and have not been investigated before,” researchers say.”Each family has unique characteristics, and they are most likely managed by different people: all …

Go to Source


Comments are closed.