This Thanksgiving weekend, online threat actors are poised to claim a pretty big slice of the e-commerce pie.
Online shoppers filled e-commerce cash registers with more than $19.6 billion in sales over Black Friday and Cyber Monday in 2017, and are poised to spend even more this year. To show how cyber threat actors will target this enormous spike in revenue, RiskIQ released its 2018 Black Friday E-commerce Blacklist, which analyzes the results of a keyword query of our Global Blacklist and mobile app database focusing on the ten most trafficked e-commerce sites during Black Friday 2017 and five of the leading e-tailers in the UK.
By setting up fake mobile apps and landing pages with fraudulent branding, threat actors fool consumers into downloading unsafe apps and visiting pages that redirect them to other fraudulent or malicious sites. Nearly 40 percent of the massive influx of spending caused by Black Friday and Cyber Monday in 2017 took place on mobile devices, putting shoppers increasingly at risk of encountering threats in the mobile space.
The threat facing e-commerce this holiday shopping season is even more grave given the rise of Magecart, a collection of digital credit card-skimming groups that have stolen the records of an untold number of consumers across thousands of sites, including British Airways and Ticketmaster. One of the leading traffic-getters on Black Friday, Newegg, was already affected by Magecart earlier this year.
For shoppers, what starts as an attempt to fulfill their holiday shopping checklist for pennies on the dollar can turn into a financial nightmare. For brands, what begins as an event that significantly boosts sales can turn into a security fiasco that erodes the trust of customers and prospects. Talk about indigestion.
The report provides crucial intel for this year’s Black Friday/Cyber Monday shopping weekend, such as:
– Black Friday-specific apps: more than 5 percent of the 4,331 mobile apps that can be found by searching “Black Friday” in global app stores are blacklisted as malicious.
– Threat actors have focused on the top five leading brands in e-commerce. These brands have a combined total of 6,600 blacklisted apps that contain their branded terms in the title or description.
– The top-10 most trafficked brands averaged over 17 blacklisted apps containing both the branded terms and “Black Friday” in the title or description, showing clear intent by threat actors to leverage the shopping holiday.
– RiskIQ has detected an average of 89,837 monthly instances of Magecart, the digital credit card-skimmer, between August and October 2018.
RiskIQ’s blacklists are built from internet data, which it gathers by scanning, crawling, and passive-sensing the internet, including web pages, mobile apps and stores, and social websites and apps. RiskIQ’s crawling technology covers more than 300 million mobile devices, 1.8 billion HTTP sessions, hundreds of locations across the world, 40 million mobile apps, and 600 million domain records.
Read the entire 2018 Black Friday E-commerce Blacklist report here.