Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
The name Magecart has become ubiquitous as recent high-profile compromises have brought the threat of online card skimming to the forefront of security conversations and news publications.
Magecart, an umbrella term given to at least seven cybercrime groups, are placing digital credit card skimmers on compromised e-commerce sites at an unprecedented rate and with frightening success. Responsible for victimizing scores of e-commerce sites including global brands Ticketmaster, British Airways, and Newegg, Magecart and its operatives intercepted thousands of consumer credit card records and are claiming more victims every day.
However, although Magecart is only now becoming a household name, its activity isn’t new and points to a complex and thriving criminal underworld that has operated in the shadows for years.
In a brand new RiskIQ and Flashpoint joint report, ‘Inside Magecart,‘ we build a timeline of the Magecart phenomenon from the inception of digital credit-card skimming—its evolution from a Cart32 shopping cart software backdoor to Magecart’s current all-out assault on e-commerce that compromises thousands of sites directly and via breaches of third-party suppliers.
We’ll also profile the six leading Magecart groups along with notable related unclassified threat groups, highlighting their skimmers, tactics, targets, and what makes them unique:
Group 1 & 2 – Casts a wide net for targeting, likely using automated tools to breach and skim sites. It monetizes with a sophisticated reshipping scheme.
Group 3 – Goes for a high volume of targets to go for as many victims as possible, but is unique in the way its skimmer works.
Group 4 – Extremely advanced, this group blends in with its victims’ sites to hide in plain sight and employs methods to avoid detection.
Group 5 – Implicated in the breach of Ticketmaster, this group hacks third-party suppliers to breach as many targets as it can.
Group 6 – Extremely selective and only going for top-tier targets, such as British Airways and Newegg, to secure a high volume of traffic and transactions.
Download the report
From there, Flashpoint delves into the commercial side of Magecart operations—the sale and distribution of stolen cards on underground shops, the monetization of Magecart operations through mule-handling and shipping goods, and the dynamics of an underground supply chain offering operatives skimmer kits and compromised e-commerce sites as a service.
RiskIQ, which detects internet-scale threats, is alerted to new Magecart breaches hourly, a clear indication that the group is extremely active and will continue to be a critical threat to all organizations offering online payment facilities, especially over the upcoming Black Friday weekend.
Download the report here for the intel you need to protect yourself from this growing threat.
RiskIQ is the leader in attack surface management. We help organizations discover, understand, and mitigate exposures across all digital channels.
RiskIQ's #COVID19 Daily Update for 4/3:
➡️U.S. and European countries evaluating phone-based surveillance to combat spread
➡️KS first state to use GPS to track residents' phones
➡️Carbon emissions could fall by 5% year-on-year
Read the full update here: https://bit.ly/2Uv3CMV
COVID-19: Tips for safely #shopping online https://wgntv.com/midday-news/covid-19-tips-for-safely-shopping-online/ @SEGinty @riskiq #covid19 #cybersecurity
@daphneleprince @ZDNet From improving cyber posture to detecting outbreaks & identifying patterns, these emerging tech companies are support the US government's Covid-19 response efforts: https://dcode.co/covid-19-response-dcode-alumni/ @Trifacta @myWickr @DataRobot @OmniSci @RiskIQ @thresher_io @fraym_io @IonChannel_io
MakeFrame: Magecart Group 7’s Latest Skimmer Has Claimed 19 Victim Sites https://www.riskiq.com/blog/labs/magecart-makeframe/ @RiskIQ #Magecart #skimmer
RiskIQ's #COVID19 Daily #Cybercrime Update for 4/2:
➡️#Healthcare providers and facilities in the U.S. and Europe see a surge of #ransomware attacks
➡️ZDNet identified five COVID-19-related malware strains
➡️Updated #spam stats
Read the full update here: https://bit.ly/2QwfRHS