Magecart Part II: From Javascript Injects to Reshipping for Financial Gain

When people think of credit card theft, they often think of skimming, point-of-sale devices infected with malware, and large-scale data breaches. But online stores remain one of the most vulnerable means of stealing credit card data.

Last October, we profiled a threat known as Magecart, which injects JavaScript code into e-commerce sites running outdated and unpatched versions of shopping cart software. By logging consumer keystrokes, Magecart captures large quantities of payment card information from unsuspecting shoppers.

In our follow-on report, Magecart Part II: From Javascript Injects to Reshipping for Financial Gain, we take a rare glimpse into the offline world of digital threats. Continued tracking of Magecart activity over the last few months showed how the actors behind it are cashing-in by reshipping items purchased with stolen cards via a physical reshipping company operating with mules in the U.S.

Download the full report for a deep dive into:

  • The evolution of payment card theft
  • Magecart infrastructure: what it looks like, how to detect it, and how it’s evolving
  • Why e-commerce sites and consumers are at risk
  • The Magecart operators’ offline rackets and why they work
  • Guidance for e-commerce site owners and why having a dynamic view of their digital footprint is key to defending themselves

Get the Report