PassiveTotal Thursday:
Investigating the MyPillow Magecart breach

  • Speaker(s): Caroline Yoon, RiskIQ

Magecart, an umbrella term for dozens of criminal groups that place skimming code in the Javascript of websites to intercept data typed into forms on online stores, is one of the leading threats facing e-commerce today.

In October 2018, Magecart breached popular bedding retailer MyPillow’s online platform to steal payment information by injecting scripts into their official web store using typo-squatting domains to host their skimmers. With RiskIQ’s crawling infrastructure, which downloads pages to capture the full page contents and Document Object Model (DOM), we surfaced the attack and identified the IOCs involved.

In this edition of PT Thursday, we’ll cover the tactics and threat infrastructure used in this attack, and show how you can use the unique data sets in RiskIQ PassiveTotal to conduct research and be proactive in protecting your organization against threats.

Watch today to learn:

  • How to spot some patterns and identify hallmarks of a legitimate domain vs a “bad” one by comparing their infrastructure.
  • How to use RiskIQ’s unique Host Pairs data sets to surface threat infrastructure that’s using the resources of your website.
  • How to create and leverage Projects inside the platform to group related activity, keep track of your investigations, and easily collaborate with team members.

Watch the Webinar