Shopping cart malware, known as Magecart, is still one of the most popular tools in the attacker’s toolbox, and despite efforts to mitigate and eliminate its presence, it remains fully active.
The name refers to an open-source shopping cart application called Magento, and is used to steal credit card data, which is then sold in bulk to cybercriminals across the dark web, the shady part of the internet reachable with special software.
Magecart
Magecart is a prime example of how difficult it is to maintain vigilance in cyberspace. This is because the average e-commerce storefront depends on a dozen or more separate pieces of code, including ad servers, databases, back office systems and, perhaps the weakest link of all, a shopping cart routine used to collect money from customers.
The groups behind Magecart use what is called bulletproof hosting providers, meaning that their accounts aren’t easily terminated by law enforcement once identified.
In addition, these operators work with criminal gangs known as skimmers, who collect credit card data from compromised ATMs around the world.
What makes these attacks difficult to detect is the fact that infected web pages are deeply hidden in subdirectories on websites, so some security scanners may not discover them and some security analysts may not know where to look. Even worse, many webmasters may not have run a security scan since the JavaScript code of the page was modified by criminals. It’s a constant battle, which means there’s no point in waiting until check-in time to do security scans.
Recommendation
Finally, companies should ensure that they apply software updates and fixes as soon as possible. Its users Magento exposed by early attackers delayed these updates, which allowed them to be exposed by malware-infected outdated software versions.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment