How to Protect Against a Magecart Attack?
Magecart is the name of both a large group of hackers and a typical attack that mainly targets online shopping carts. This kind of attack has become very common in recent years. Learn how to protect your online store from a Magecart attack.
What Is Magecart?
We have already told you of the necessity to properly secure your online shops in this article. Here you can learn more about Magecart, one of the most dangerous types of attack, which mainly hits ecommerce websites.
Want an in-depth understanding of all modern aspects of Magecart? Read this article carefully and bookmark it to come back later; we regularly update this page.
Cybersecurity experts first noticed this criminal group's activity in 2010, although Magecart became widely known only recently. Over more than 10 years of observation, Magecart attacks were detected about 2 million times. In total, since 2010 Magecart has been responsible for hacking more than 18,000 hosts. To deliver malicious code, the criminals used 573 domains with approximately 10,000 download links to Magecart malware.
According to Computer Weekly, Magecart attacks on online retailers jumped by 20% during the COVID-19 pandemic.
Who Is Under Magecart Attack?
In 2018, the British ticket company Ticketmaster suffered a notable Magecart attack. The criminals introduced a skimmer through software used to assist customers.
Later, a malicious script was found in the products of other providers. Overall, more than 800 online stores and about ten thousand users suffered from Magecart.
The new attacks on ecommerce sites are generally similar to the previous Magecart attacks, but there is a relatively new group behind them, which the experts called Magecart Group 12. In total, it attacked 277 services related to booking airline tickets and tourism, online cosmetics and clothing stores and so forth.
Analysts estimate that a malicious script stays active for about twenty days on average. However, once in a while a skimmer can stay on a web page for years, stealing records of website traffic. Some Magecart criminal groups used the purchased Inter Skimmer Kit, which has been on sale on the dark web for more than a year.
This means that, in theory, any online store can be at risk of a Magecart attack!
Data stolen from websites is very often sold on the Dark Web. You can now check for free whether your website data is on sale with the help of the ImmuniWeb Domain Security Test.
How Does Magecart Attack Work?
Although hackers often infect sites that are not stores at all and do not even have payment pages, experts say that by relying on the sheer number of attacks, the attackers still managed to place skimmers on a sufficient number of payment pages. Reportedly, the victims included companies that provide services to other sites; the infection of several of their JS files caused the malware to spread to thousands of other resources.
In 2019, during one lightning-fast attack, cybercriminals hacked nearly 1000 e-commerce websites in just 24 hours, showing that they were not acting manually but using automated tools. Most of the affected resources were small e-shops, although several large enterprises were among them as well.
The skimming script was used to steal information from visitors to online stores, in particular their bank card data, names, phone numbers and addresses. The script records all the data entered on payment pages and caches it in the browser until the victim refreshes the page or switches to another tab. The stolen data is then sent to a server controlled by the cybercriminals.
How to Secure Against Magecart?
To protect your company from a Magecart attack, make a complete inventory of your digital assets using ImmuniWeb Discovery. It finds all possible web and mobile applications, sets a security score for each of them, and shows which apps most urgently need fixing. Moreover, it can search the Dark Web, cloud storage, and code repositories for all possible data leaks.
After a complete inventory, you can proceed to AI-enhanced penetration testing, which ultimately protects your organization from any security threats, including Magecart attacks and the other latest attack methods that cybercriminals constantly invent.