Image: Steven Puetzer/Getty Images
Magecart attacks are decreasing in number but are becoming more stealthy, with researchers highlighting potential server-side blindspots in tracking them.
It’s not too often you hear about Magecart attacks. In the past few years, cybersecurity incidents that hit the headlines tended to involve attacks on core utilities and critical services, state-sponsored campaigns, ransomware, massive data breaches, and disruption on a broader scale than the issues that Magecart victims today often experience.
However, this doesn’t mean that the problem has gone away, and we shouldn’t forget that it’s not only SMBs at risk: big brands have fallen prey to this type of cyberattack in the past, including British Airways, Newegg, and Ticketmaster.
This code, embedded in the payment section of a website, will then harvest any card details put in by a customer and send them to an attacker-controlled server.