Is Your Ecommerce Site Protected Against Magecart Attacks?

magecart 2Is your ecommerce site protected against Magecart attacks? Do you even know what Magecart is? CSO Online defines Magecart as: “a consortium of malicious hacker groups who target online shopping cart systems, usually the Magento system, to steal customer payment card information.” The customer payment information is usually stolen using malicious JavaScript code which is inserted onto ecommerce sites.
In a recent Threatpost article, researchers revealed that there is a growing industry on underground forums where these “sniffers” are being advertised, sold and regularly updated. Similar to ransomware as a service, there is a booming business on the dark web where hackers are “continually developing and advertising customized payment sniffers that are updated regularly, contain multiple capabilities, and are available for purchase or rent – making this type of web based attack more readily available to cybercriminals of all calibers, from sophisticated actors to script kiddies.” Just as ransomware has seen a boom during the COVID-19 pandemic, Magecart skimming has also become even more popular during the pandemic, as more and more people are online shopping. Many businesses have also just entered the ecommerce business to continue to grow their business during COVID-19. Hackers are interested in skimmers to harvest this PII (personal identifiable information) to either sell it to others on the dark web or are using this PII to purchase goods and resell later for a profit. Either way you look at it, Magecart skimming is big business, and a big threat to your online business. So, what steps can you take to ensure you don’t suffer a Magecart attack?
  • Ensure your third-party providers are protecting themselves from Javascripting or css attacks. Ensure there are constantly doing self-assessments of their code or other audits.
  • Regularly analyse your web traffic for suspicious behaviours. Web page monitoring for any suspicious activity is key, especially one that can detect in real time when malicious code is injecting onto the site, or better yet, prevent it altogether.
  • Implement client-side protections such as web skimming or malware protection
  • If possible, adopt a zero-trust approach to third-party JavaScript, which will effectively disarming the threat without having to rely on detection methods.
The steps above can be implemented at anytime to help stop the threat of a Magecart attack. If you need help with any of the above steps, Uzado is available to help your business secure its ecommerce business.

Leave a Comment

Your email address will not be published. Required fields are marked *