According to Dutch security company Sansec, a new Magecart attack has been discovered targeting multiple e-commerce platforms with the same attack. Magecart, also known as e-skimming is usually done by inserting malicious scripts into a website’s checkout page. In this case, the attackers are displaying a fake payment page before customers land on the real payment page. The fake checkout page will record the data that was entered on it including the credit card information. From there, the fake page display returns an error to the victim when they attempt to proceed with the checkout. After the error is displayed, the victim will be redirected to the legitimate checkout page where they can continue to checkout, not knowing their information was already stolen. To help evade detection, the skimmer would also exfiltrate its data to automatically generated domains based on a counter and encoded using base64 encoding.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security