Scale of Magecart attacks growing
The scale of the Magecart web skimming malware, a scam which attempts to harvest payment information via malicious JavaScript, is ‘much larger than previously reported’ according to a new RiskIQ study.
Magecart is targeting unprotected AWS S3 buckets, used to store uploaded data including card details. It has reportedly compromised over 17,000 websites since April.
The success in Magecart’s infection numbers come from what the RiskIQ study labels its ‘shotgun approach’. Rather than targeting uniquely weak or profitable S3 buckets, its developers have opted to focus on spread, hitting as many domains as possible.
Despite the comparative-randomness of the attacks, the report suggested that the group behind Magecart ‘likely ended up getting their skimmer on enough payment pages to make their attack lucrative.’
I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.