Executive Guardian
Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
Magecart is a rapidly growing cybercrime syndicate comprised of dozens of subgroups that specialize in cyberattacks involving digital credit card theft by skimming online payment forms. It’s also fundamentally changing the way we view browser security.
A global phenomenon, Magecart is threatening the ability of consumers worldwide to shop online safely by stealthily intercepting their credit card data via their browser without the consumer or website owner’s knowledge. Although it’s just now getting global attention, Magecart has been active for nearly ten years—RiskIQ’s earliest Magecart observation occurred on August 8th, 2010.
Magecart works by operatives gaining access to websites either directly or via third-party services in supply-chain attacks and injecting malicious JavaScript that steals the data shoppers enter into online payment forms, typically on checkout pages. Quietly, it’s eating away at the e-commerce industry because website owners lack visibility into the code that’s running on their site, which is a bigger problem than most people realize. Skimming code can exist on a breached website for weeks, months, or even indefinitely, victimizing any visitor that makes purchases on that site.
RiskIQ’s global discovery platform gathers internet-wide telemetry that enables us to view websites as Magecart actors do; a unique perspective that provides unmatched visibility into this surging threat. In our latest report, we share the valuable insights gleaned from this telemetry data, which yields critical insight into the state of Magecart, whose skimmers have appeared over two million times, and directly breached over 18,000 hosts.
Download the report here, which includes insights such as:
The entire report, containing additional insights and information, is available for download here: https://www.riskiq.com/research/magecart-growing-threat/
RiskIQFollow
Gaining access to a website's #JavaScript is a boon for attackers. That's why #LNKR is so much more than just a browser extension https://t.co/Bx4dErrJF9
We're #ThreatHunting in D.C.! The #infosec community is out in force to learn how to supercharge their investigations with RiskIQ's advanced data sets inside the @PassiveTotal platform.
Via @Forbes, RiskIQ research finds over 18,000 websites infested with #Magecart card-skimming #malware https://t.co/dKSfziG3dr #ecommerce
Just Launched! Adam Hunt of @riskIQ and Fredrik Nilsson of @axisipvideo discuss #cybersecurity, #IoT, and the threat of regulatory fines from #dataprivacy breaches on the latest Inside @ForbesCouncils #podcast! https://t.co/G0UoPfQCHf
We're here at #sector2019! Swing by booth #406 to find out everything new with security outside the firewall, and find out how to start defending your internet attack surface today.
