Other Attackers Reuse Old Magecart Domains: Report

RiskIQ has outlined the indicators of compromise associated with the attacks, including the malicious domains that the threat actors used to “inject web-skimming into browsers or as a destination for the skimmed payment information,” the report states.

Magecart appears to be a loose association of about a dozen different groups. Its campaigns have been well-documented by RiskIQ and other firms.

The success of the Magecart credit card attacks, which victimized hundreds of thousands of sites, millions of users and such major corporations as British Airways, Forbes, Ticketmaster and Newegg over the last 18 months, has led more cybercriminals to leverage Magecart’s tools, the researchers note in a report released Thursday.

Decommissioned domains that were part of the pervasive Magecart web-skimming campaigns are being put to use by other cybercriminals who are re-activating them for other scams, including malvertising, according to researchers at RiskIQ, a San Francisco-based cybersecurity firm.
