Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
Fig-1 A listing of domains running Coinhive in a RiskIQ Community Edition Public Project
To see the indicators associated with Coinhive, visit our RiskIQ Community Public project here.
Of course, this Monero mining technique is also an opportunity for bad actors to spin up fake, illegitimate websites to siphon money off of major brands with typosquatting domains. By leveraging domains or subdomains that appear to belong to major brands, these actors trick people into visiting their sites running the Coinhive Monero mining script to monetize their content. In the 991 domains we found, there were many examples of typo-squatting and domain infringement.
Unfortunately, Security teams lack visibility into all of the ways that they can be attacked externally, and struggle to answer the question, “where are the weaknesses in the armor?” The answer lies in understanding what belongs to your organization, how it’s connected to the rest of your asset inventory, and what potential vulnerabilities are exposed to compromise. In the case of Coinhive, it means being able to inventory all the third party code running on your web assets, and being able to detect instances of threat actors leveraging your brand on their illegitimate sites around the internet.
Currently, 92% of customers using RiskIQ Digital Footprint Enterprise had, at best, partial visibility into their internet-exposed digital assets before partnering with RiskIQ, half of which claimed to increase their insight into digital threats by at least 50% with our automated discovery and management capability.
Signing up for RiskIQ Community Edition now gives you access to one of the most popular RiskIQ products–Digital Footprint. When you sign up or sign in with your organizational email address, you get a glimpse into your organization’s attack surface.
For today's executives, protecting your organization means protecting yourself—and knowing that personal security sits at the confluence of the physical and digital worlds. https://t.co/HShORi3X6j #ExecutiveProtection #ExecutiveSecurity
Overlap in RiskIQ's unique data sets uncovered a massive threat campaign using popular marketing and analytics tools to target gift card retailers, distributors, and processors. Here's what you need to know https://t.co/GkHsPFwkkd #ThreatIntelligence
Magecart group compromises 17,000 domains by overwriting Amazon S3 buckets l https://t.co/WeyMpruitk @RiskIQ
You can think of Magecart as the ATM skimmers of the web. Thanks to poor security hygiene, they’ve managed to hit 17,000 domains and counting, including some of the 2,000 biggest sites in the world. https://t.co/Gjf5MbnZMa