Magecart is a group of malicious hackers who target online shopping cart systems, generally those using the Magento system, to steal customer payment card information. This is known as a supply chain attack. The idea behind these attacks is to compromise the third-party software of a VAR (Value Added Distributor) or a systems integrator, or infect an industrial process unknown to IT.
Shopping carts are attractive targets because they collect payment information from customers – if your malware can take advantage of this data stream, you have a card harvesting tool at your fingertips. Almost all e-commerce web pages that use carts do not properly examine the code used in these third-party tools, a perfect tool for these criminals.
One of the reasons that Magecart is such a dangerous threat is that it doesn’t just directly attack the companies it wants to compromise. One tactic that this group increasingly resorts to, and one that is a trend among cybercriminal organizations this 2019, is attacks on the supply chain. To achieve this, they install their code in, for example, the web ad provider that will then be embedded in the websites they want to attack. In this way, they manage to go unnoticed by the victims.
Magecart has a very wide range of techniques and vectors to threaten your company. For this reason, it is very important to have very strict controls over your computer network and everything that happens within it. Since e-commerce is an ever-growing industry, it is very likely that we will continue to see attacks from Magecart, which will take advantage of companies that do not have adequate protections. Therefore, ensuring the security of your company, and therefore that of your customers and users, is more important than ever, but this is not only with this threat since there are many that we can run into.
Other reads:
Molerats, A Troubled Cybercriminal Group
OldGremlin criminal group aiming russian companies
