Magecart attacks are still around. And they are becoming more stealthy


Magecart attacks are decreasing in number but are becoming more stealthy, with researchers highlighting potential server-side blind spots in tracking them.

It’s not too often you hear about Magecart attacks. In the past few years, cybersecurity incidents that hit the headlines tended to involve attacks on core utilities and critical services, state-sponsored campaigns, ransomware, massive data breaches, and disruption on a broader scale than the issues that Magecart victims today often experience.

However, this doesn’t mean that the problem has gone away, and we shouldn’t forget that it’s not only SMBs at risk: big brands have fallen prey to this type of cyberattack in the past, including British Airways, Newegg, and Ticketmaster.


Magecart describes cyberattacks that home in on the e-commerce capabilities of a website. In these attacks, also known as card-skimming attacks, threat actors will often exploit a vulnerability in a website's backend content management system or in its third-party dependencies and covertly implant malicious JavaScript code.

This code, embedded in the payment section of a website, will then harvest any card details entered by a customer and send them to an attacker-controlled server.

