Security researchers were able to link one of the hacking groups operating under the Magecart umbrella to the infamous threat actor known as the Cobalt Group.
Magecart hackers made it into the spotlight last year, after the high-profile breaches at Ticketmaster, British Airways, and Newegg, but they have been active for at least a decade, RiskIQ says.
There are numerous groups operating under the Magecart umbrella, with their infrastructure flooding the Internet, RiskIQ, which has identified dozens of known groups and over 570 command and control (C&C) domains, explains in a new report.
Some of these groups, however, appear tied to more prominent threat actors, a joint report from security researchers at Malwarebytes and HYAS Threat Intelligence reveals.
While Magecart Group 6 was previously linked to the FIN6 hackers, Malwarebytes and HYAS now reveal they have found ties between Group 4 and the Cobalt Gang, including matching patterns in the email addresses used to register domains.
Furthermore, the researchers explain that Group 4 has been conducting both client-side and server-side skimming, which sets it apart from most Magecart ..
Support the originator by clicking the read the rest link below.
