WPO Image

MageCart The Main Cyber Threat For Ecommerce

MageCart is among the many cyber threats that infect the Internet. It targets ecommerce and online stores. We will be explaining what MageCart attacks are and how to protect yourself from them in this article.

What is MageCart?

MageCart is an assortment of cybercriminal groups (in Wikipedia, they say that there are seven), that have been working together to attack online businesses and inject malicious scripts to steal customer bank card information.

We are now facing a group dedicated to credit card skimming, which is probably the most popular form of online payment in most online shops. This could be providing great benefits to these criminal organizations

A brief history of MageCart campaign

We mentioned that MageCart is still around, and there are reports of it being active since 2016. According to RiskIQ researchers, MageCart would have launched various campaigns to target online businesses of any kind.

MageCart also affected online stores such as Ticketmaster, Amazon CloudFront and Forbes.

In 2018, British Airways was also the victim in a major theft of bank card information by MageCart. This affected 500,000 customers. The Information Commissioner’s Office fined the company 183 million pounds for this security breach.

The hackers behind MageCart will have launched two more massive campaigns in 2019 to inject their malware code into different ecommerce websites.

Within 24 hours, at least 962 ecommerce sites were affected by the first campaign. It appears that the Magento platform was the culprit. This is one of the most used ecommerce platforms by small online merchants.

The code would have been added 17,000 domains via JavaScript files in Amazon S3 buckets (file container misconfigured by affected e-businesses).

MageCart continues to conduct infection campaigns and exploits computer vulnerabilities to execute its attacks.

What is MageCart?

This group of cybercriminals uses different attack methods, but MageCart injects JavaScript and malicious skimmers into their campaigns to compromise online stores.

This is known as a supply chain attack. These malicious code injections can be done almost exclusively by exploiting vulnerabilities in websites or misconfigurations of software. These malicious codes can be used to infiltrate any JavaScript-enabled website, including legitimate applications. This is a serious problem as they can avoid detection for much longer.

After the skimmer has been installed on the online store’s website, it monitors all events to determine if credit card information is being entered. These data are recorded using various methods and then sent to an external server where they can be accessed by cybercriminals.

MageCart attacks are sophisticated and complex. They don’t always use the exact same methods, making them more difficult to stop. They are also active all around the globe, as cases have been found in e-commerce shops in different countries.

MageCart data is regularly sold on the Dark Web. This allows hackers to gain access to and even spoof compromised cards.

MageCart’s Consequences for Ecommerce

MageCart can have serious consequences for an online store.

One, your reputation will be damaged if you lose many customers to these bank card data thefts.

On the other hand, such attacks can cause economic losses for online stores beyond loss of sales or customers. Data protection control authorities may impose heavy fines on them if they have suffered a security breach that exposed your clients’ personal information (as we saw in the British Airways case). Additionally, these clients could sue for the damages.

How can MageCart online shops be protected?

MageCart’s adaptability and various attack vectors make it a serious threat to any electronic shop. It is important to have the tools to defend yourself against it, especially if you don’t want to lose customers or reputation.

MageCart exploits many vulnerabilities, so it is important to keep your online store and payment methods up-to-date.

Second, invest in a proactive security system that continuously monitors the platform to detect suspicious or abnormal processes or codes. This will help prevent data theft.

The online store is responsible for all defense and protection measures. Users cannot do much to prevent theft of card information. They can trust the security offered by legitimate e-commerce. As buyers, we recommend that you regularly review your credit card statements to detect suspicious activity. You can also inform your bank to cancel your card before it’s too late.


WPO Image

Hi, my name is Joseph Kennedy.

I work in technology for a firm in North Carolina. As a hobby, I write about anything tec related.

In this blog I wanted to express my interests but also to bring interest in specific subjects such as product analysis and review together with an insight into product development that is happening in the tec world

continue reading

Popular Posts

Techno Surf 3