Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
The name Magecart has become ubiquitous as recent high-profile compromises have brought the threat of online card skimming to the forefront of security conversations and news publications.
Magecart, an umbrella term given to at least seven cybercrime groups, are placing digital credit card skimmers on compromised e-commerce sites at an unprecedented rate and with frightening success. Responsible for victimizing scores of e-commerce sites including global brands Ticketmaster, British Airways, and Newegg, Magecart and its operatives intercepted thousands of consumer credit card records and are claiming more victims every day.
However, although Magecart is only now becoming a household name, its activity isn’t new and points to a complex and thriving criminal underworld that has operated in the shadows for years.
In a brand new RiskIQ and Flashpoint joint report, ‘Inside Magecart,‘ we build a timeline of the Magecart phenomenon from the inception of digital credit-card skimming—its evolution from a Cart32 shopping cart software backdoor to Magecart’s current all-out assault on e-commerce that compromises thousands of sites directly and via breaches of third-party suppliers.
We’ll also profile the six leading Magecart groups along with notable related unclassified threat groups, highlighting their skimmers, tactics, targets, and what makes them unique:
Group 1 & 2 – Casts a wide net for targeting, likely using automated tools to breach and skim sites. It monetizes with a sophisticated reshipping scheme.
Group 3 – Goes for a high volume of targets to go for as many victims as possible, but is unique in the way its skimmer works.
Group 4 – Extremely advanced, this group blends in with its victims’ sites to hide in plain sight and employs methods to avoid detection.
Group 5 – Implicated in the breach of Ticketmaster, this group hacks third-party suppliers to breach as many targets as it can.
Group 6 – Extremely selective and only going for top-tier targets, such as British Airways and Newegg, to secure a high volume of traffic and transactions.
Download the report
From there, Flashpoint delves into the commercial side of Magecart operations—the sale and distribution of stolen cards on underground shops, the monetization of Magecart operations through mule-handling and shipping goods, and the dynamics of an underground supply chain offering operatives skimmer kits and compromised e-commerce sites as a service.
RiskIQ, which detects internet-scale threats, is alerted to new Magecart breaches hourly, a clear indication that the group is extremely active and will continue to be a critical threat to all organizations offering online payment facilities, especially over the upcoming Black Friday weekend.
Download the report here for the intel you need to protect yourself from this growing threat.
The latest episode of SwigCast is out! We tackle card skimmers and the evolution of Magecart with @RiskIQ technical director Terry Bishop
We're here at Pittsburgh Information Security Awareness Day, chatting with western Pennsylvania #infosec pros about Attack Surface Management! Read all about this great event here: https://t.co/YusL3t5fGQ
Our #CTO Adam Hunt discusses the trend of businesses expanding their online presence quicker than their infrastructure can be secured in the most recent issue of @TodaysBoardroom (p.28) https://t.co/SY7pgpUu1o
Dan Schoenbaum, President of @RiskIQ strongly believes in taking the responsibility seriously for protecting the customers from cyber-attacks.
Read more https://t.co/mKKg0cbHEi
#cyber #CybersecurityNews #cybersecurity #cybersecurite #digitalart #Digital
@RiskIQ World Leader in attack surface management, was secured a place in the list of "30 Great Places to Work 2019" by #CIO_Bulletin