Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
2018 Holiday Shopping Season Threat Activity: A Snapshot
The 2018 holiday shopping season was the largest ever for online retailers, but threat actors filled their pockets, too.
So what did the threat activity around this shopping frenzy look like?
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
May 2, 2019
RiskIQ Research Warns of Vulnerabilities Outside of Magento
SAN FRANCISCO – May 2, 2019 – RiskIQ, the global leader in attack surface management, today released research exposing web skimming attacks on e-commerce sites running third-party payment platforms like OpenCart.
A rash of breaches by web-skimming groups under the infamous Magecart umbrella have made national headlines for targeting the Magento platform. However, the research shows the threat of web skimming goes well beyond Magento to dozens of third-party payment platforms used by hundreds of thousands of stores around the world.
“Organizations need to understand that skimming groups can prey on any web environment and we see every online shopping platform targeted in our telemetry data,” said Yonathan Klijnsma, RiskIQ Threat Researcher. “Skimming attacks on any platform is a critical issue because while payment data is currently the focus, we’re already seeing moves to skim login credentials and other sensitive information. This widens the scope of potential Magecart victims far beyond e-commerce.”
Key findings include:
The rise of web-skimming coincides with the development and evolution of online shopping platforms that power not only large e-tailers but thousands of smaller stores. While breaches of prominent brands like British Airways and Ticketmaster have become infamous, it’s the lesser-known stores that help Magecart thrive since they are more prone to security flaws.
To download the full OpenCart analysis, visit: https://www.riskiq.com/blog/labs/magecart-beyond-magento
RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, security teams and CISO’s, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures. Visit https://www.riskiq.com or follow us on Twitter. Try RiskIQ Community Edition for free by visiting https://www.riskiq.com/community/
© 2019 RiskIQ, Inc. All rights reserved. RiskIQ is a registered trademark of RiskIQ, Inc. in the United States and other countries. All other trademarks contained herein are the property of their respective owners.
Front Lines Media