#VB2019: Magecart Attack Groups Move to More Targeted Efforts

Oct 2, 2019 02:00 pm Cyber Security 285

#VB2019: Magecart Attack Groups Move to More Targeted Efforts

Speaking at the Virus Bulletin 2019 conference in London, Yonathan Klijnsman, head of threat research at RiskIQ, said that many groups had been identified as being behind recent Magecart attacks, but new movements were being made towards more targeted attacks.



Klijnsman explained that traditional Magecart attacks groups would get into a company’s network, and they would typically target e-commerce organizations, with only “25 lines of javascript.” He said that the web skimmers worked on the server side, and in 2016 RiskIQ observed more groups starting to do this, “and there are 15 active groups that we tracked.”



Pointing to Group 6 that IBM’s X-Force published a report on, Klijnsman said that “once they are in your network they will know more than you do, they are the admins you want to hire.” The group later hit both NewEgg and British Airways, having access to the former for six months, but crucially not being present during Black Friday, as they had been detected and removed by then.



Another called Group 5 are “experts in support,” and Klijnsman said that they know of at least 20 suppliers that have been hit by this group. “They hit one supplier who had over 100,000 victim websites” and while it delivers malicious code, it will not have access to payment data.



A group that RiskIQ plans to reveal more details on in the coming months is Group ..

Support the originator by clicking the read the rest link below.

vb2019 magecart attack groups targeted efforts
Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!