Aug 30, 2019

Magecart Compromises over 80 Major eCommerce Sites

On August 28, more than 80 global e-commerce sites were reported to be attacked by the Magecart Group. Magecart is a loose attack organization that launched payment card attacks against companies such as Ticketmaster, Forbes, British Airways, and Newegg. The organization typically inserts a virtual credit card splitter (also known as formjacking) in a web application (usually a shopping cart) and then steals credit card information for sale on the black market.

According to a study released by Aite Group and Arxan Technologies on Wednesday, one-quarter (25%) of the sites attacked by Magnetecart are “large, well-known motorsports and luxury clothing brands”. In general, the affected locations are distributed in the United States, Canada, Europe, Latin America, and Asia. These 80+ sites all use the old version of Magento, and there is no tamper detection or code obfuscation.

Arxan chief scientist and research vice president said in the report that the advancement of the modern user experience has created a profitable attack surface in the web content provided through browsers and mobile phones. Any interface that accepts user input becomes the target of filtering. In addition, the widespread use of third-party components creates a supply chain that allows attackers to easily attack thousands of sites with just a few lines of code.

Published by & last updated on August 30, 2019 7:14 am

Leave a Reply

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On