Magecart continues to pose a threat

What is it?
Magecart is continuously on the rise and becoming more sophisticated and remains consistent way hackers have been able to ruin your day. Magecart is a catch-all phrase that encompasses several groups of cybercriminals who inject malicious code into the checkout page of a website to pilfer sensitive data. This stolen information is then sold on the dark web or used for making fraudulent purchases. These attacks pose a significant threat to both online businesses and their customers.

How does it work?
This cybercrime involves stealing customers’ details and payment card information from unsecure eCommerce websites. First, the hackers will breach an eCommerce website through different methods, most likely an unpatched vulnerability, and install malware that funnels payment data to a hostile collection server. The most commonly used method used by Magecart groups is formjacking, which involves implanting malicious code into websites in order to steal credit card information when it is entered on the checkout page. So an example of this would be a checkout form that looks exactly like the eCommerce website form. Can you tell which one is Magecart below?

What can you do?

  • Avoid entering personal information on websites you do not trust.
  • Verify the domain URL to ensure it is not a fake domain with a similar name created by attackers.
  • Use browser plugins or reputed Antivirus/EDR to prevent JavaScript loading from untrusted sites. This can help reduce the surface of the attack.

However, it’s important to note that these techniques cannot protect against malicious code that is already embedded in trusted sites, so it’s essential to always be vigilant and cautious when entering personal information online.

Britec Helps
At Britec, we stay on the pulse of information security and all our clients are patched and protected. If you have been impacted and need help, please contact us.