Magecart (Group 5): The financially motivated group Magecart, specifically Group 5 (MG5) in this case, is known for carrying out attacks on third-party suppliers in an effort to breach as many targets as possible. Researchers uncovered tests being carried out by the group that aims at injecting malicious code into JavaScript files that will eventually be loaded into L7 routers. L7 routers are used by restaurants, airports, and hotels among other places. These routers can distribute free wi-fi or allow a guest to connect to and then purchase a wi-fi plan, but most are connected to without any thought of compromise by the user. Research showed MG5 will inject their malicious card-skimming code into well-known JavaScript libraries, which are free to use and helps compatibility between websites and mobile browsing. These libraries will be uploaded to the routers. By doing this, the group is able to steal the card information that is being used when purchasing items when using a compromised router. The group is also trying to inject advertisements that would pop up when individuals connect to the router–enticing victims to click on them and eventually connect the user to the internet where they would attempt to steal their information.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security