RiskIQ
  • Products
        • RiskIQ Illuminate® Internet IntelligenceRelevant, actionable security intelligence for your interconnected world
        • RiskIQ PassiveTotal®Investigate Threats. PassiveTotal simplifies the event investigation process
        • RiskIQ Digital Footprint®Discover the Unknowns. You can’t protect what you don’t know
        • RiskIQ External Threats®Brand intelligence against domain abuse, data leaks, phishing, and fraud
        • Featured RESOURCE

          RiskIQ Illuminate® Internet Intelligence Platform Datasheet

          Read More
          post image
  • Use Cases
        • Cyber Threat
          Intelligence
          • Attack Surface Intelligence
          • Security Operations Intelligence
          • Cyber Threat Intelligence
          • Third-Party Intelligence
          • Vulnerability Intelligence
        • External Attack Surface Management
          • Attack Surface Management
          • Incident Response
          • SecOps Automation
          • Digital Risk Monitoring
          • Third-Party Risk Management
        • Featured RESOURCE

          Five Security Intelligence Must-Haves For Next-Gen Attack Surface Management

          Read More
          post image
  • Resources
        • Internet Intelligence
        • What is External Attack Surface Management?
        • What is Threat Intelligence?
        • On-Demand Workshops
        • Resources Center
        • Events
        • Newsroom
        • Blog
        • Featured RESOURCE

          5-Questions Security Intelligence Must Answer

          Read More
          post image
  • Partners
        • Interlock Partner Ecosystem
        • Channel Partner Program
        • Technology Partners
        • MSSP Partner Program
        • Featured RESOURCE

          Threat Investigations and Response RiskIQ Solution Brief

          Read More
          post image
  • About
        • About Us
        • Why RiskIQ?
        • Careers
        • Featured RESOURCE

          Illuminate One-Hour On-Demand Event

          Read More
          post image
  • Get Started
  • Workshops
  • Community Login
  • Community Login
  • Workshops
  • Get Started
Research
Magecart: The State of a Growing Threat

Magecart is a rapidly growing cybercrime syndicate comprised of dozens of subgroups that specialize in cyberattacks involving digital credit card theft. By placing its malicio...

Magecart is a rapidly growing cybercrime syndicate comprised of dozens of subgroups that s...

Read More
Research
Gift Cardsharks

Businesses are targets for large, organized, and well-funded cyber threat campaigns that use massive amounts of infrastructure both beyond the firewall and on the internal net...

Businesses are targets for large, organized, and well-funded cyber threat campaigns that u...

Read More
Research
Inside Magecart

Magecart, an umbrella term given to at least seven distinct cybercriminal groups, are placing digital credit card skimmers on compromised e-commerce sites like British Airways...

Magecart, an umbrella term given to at least seven distinct cybercriminal groups, are plac...

Read More
MakeFrame: Magecart Group 7’s Latest Skimmer
02 April 2020

At RiskIQ, we track many different Magecart groups. We continually observe evolutions in the techniques they employ to skim card data and obfuscate the code that they use for ...

At RiskIQ, we track many different Magecart groups. We continually observe evolutions in t...

Read More
Magecart Group 8 Blends into NutriBullet.com Adding To Their Growing List of Victims
18 March 2020

On Thursday, February 20th, around 3 pm GMT, criminals RiskIQ identifies as Magecart Group 8 placed a JavaScript skimmer on the international website for blender manufacturer ...

On Thursday, February 20th, around 3 pm GMT, criminals RiskIQ identifies as Magecart Group...

Read More
Magecart Group 12’s Latest: Actors Behind Cyberattacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign
07 February 2020

A recent blog post by Jacob Pimental and Max Kersten highlighted Magecart activity targeting ticket re-selling websites for the 2020 Olympics and EUFA Euro 2020, olympicticket...

A recent blog post by Jacob Pimental and Max Kersten highlighted Magecart activity targeti...

Read More
The Consumer Guide to Shopping Safely in the Age of Magecart
25 September 2019

For the last ten years, the e-commerce industry has been battling a stealthy enemy in digital web skimming. Dubbed Magecart by RiskIQ when we first reported on the threat, the...

For the last ten years, the e-commerce industry has been battling a stealthy enemy in digi...

Read More
Old Magecart Domains are Being Bought Up for Monetization
19 September 2019

Old Magecart domains are finding new life in subsequent cyber threat campaigns, many of which are entirely unrelated to web skimming. 
Over the years, we’ve outed many Mag...

Old Magecart domains are finding new life in subsequent cyber threat campaigns, many of wh...

Read More
What’s in a Malvertisement? More Magecart and a 186% Spike in Drive-by Delivery
22 August 2019

What's in a malvertisement?
The answer to that question is always changing because malvertising is ever-evolving. However, a six-month sample of RiskIQ's cyber threat detection...

What's in a malvertisement?
The answer to that question is always changing because malvert...

Read More
Spray and Pray: Magecart Campaign Breaches Websites En Masse Via Misconfigured Amazon S3 Buckets
11 July 2019

On May 14th, RiskIQ covered the latest mass compromise of third-party web suppliers by a Magecart group. This initial report focused on seven of these suppliers, the scripts o...

On May 14th, RiskIQ covered the latest mass compromise of third-party web suppliers by a M...

Read More
Magecart Supply-chain Frenzy Continues With AppLixir, RYVIU, OmniKick, eGain, AdMaxim, CloudCMS & Picreel
15 May 2019

Last weekend, security researchers surfaced new supply-chain attacks involving Magecart web-skimmers placed on several web-based suppliers, including AdMaxim, CloudCMS, and Pi...

Last weekend, security researchers surfaced new supply-chain attacks involving Magecart we...

Read More
Magento Attack: All Payment Platforms are Targets for Magecart Attacks
02 May 2019

With our internet-wide telemetry, RiskIQ has discovered some of the most significant Magecart attacks ever carried out. These involved a host of different tools and tactics in...

With our internet-wide telemetry, RiskIQ has discovered some of the most significant Magec...

Read More
Consumers May Lose Sleep Over These Two New Magecart Breaches
20 March 2019

We've seen Magecart conduct numerous high-profile digital credit card-skimming attacks against major international companies like British Airways, Ticketmaster, and Newegg. The...

We've seen Magecart conduct numerous high-profile digital credit card-skimming attacks agai...

Read More
Magecart Isn’t Just a Security Problem; It’s Also a Business Problem
12 March 2019

Magecart is more than just a security problem—it's also a business problem.
When threat actors breached British Airways in September resulting in the compromise of thousand...

Magecart is more than just a security problem—it's also a business problem.
When threat...

Read More
Magecart Group 4: Never Gone, Always Advancing – Professionals In Cybercrime
28 February 2019

In November of 2018, we published the cornerstone report  "Inside Magecart," in which we disclosed the existence of seven distinct Magecart groups and described in detail thei...

In November of 2018, we published the cornerstone report  "Inside Magecart," in which we d...

Read More
New Year, Same Magecart: The Continuation of Web-based Supply Chain Attacks
16 January 2019

RiskIQ has tracked Magecart and exposed their attacks for years. Now, the term is top-of-mind in the security community and beyond, with a Google search of ‘Magecart’ retu...

RiskIQ has tracked Magecart and exposed their attacks for years. Now, the term is top-of-m...

Read More
In Latest Magecart Evolution, Group 11 Stole More Than Just Card Data From Vision Direct
04 December 2018

Since we began reporting on online card skimming, we have noted consistent evolutions in modus operandi of the various Magecart groups, and even the Magecart phenomenon itself...

Since we began reporting on online card skimming, we have noted consistent evolutions in m...

Read More
CBS News: A Look Behind the Magecart Assault on E-commerce
01 November 2018

Magecart, an umbrella term given to at least seven cybercriminal groups that are placing digital credit card skimmers on compromised e-commerce sites at an unprecedented rate,...

Magecart, an umbrella term given to at least seven cybercriminal groups that are placing d...

Read More
The Magecart Seal of Approval: Cybercriminal Card-Skimming Group Executes Scaled Supply Chain Attack on Shopper Approved
09 October 2018

Over the past several months, we’ve published four reports on the digital credit card-skimming activities of Magecart—mainly regarding significant breaches like Ticketmast...

Over the past several months, we’ve published four reports on the digital credit card-sk...

Read More
Another Victim of the Magecart Assault Emerges: Newegg
19 September 2018

RiskIQ conducted the research for this report in collaboration with Volexity, which will release a separate report of its own. From different perspectives, we will discuss the...

RiskIQ conducted the research for this report in collaboration with Volexity, which will r...

Read More
Inside the Magecart Breach of British Airways: How 22 Lines of Code Claimed 380,000 Victims
11 September 2018

On September 6th, British Airways announced it had suffered a breach resulting in the theft of customer data. In interviews with the BBC, the company noted that around 380,000...

On September 6th, British Airways announced it had suffered a breach resulting in the thef...

Read More
Uncovering Magecart With RiskIQ Data: How We Did It
26 July 2018

The Magecart project is the biggest thing I’ve worked on in my career in both the scope of the cyber threat, the effects of the breaches, and, as a result, the media attenti...

The Magecart project is the biggest thing I’ve worked on in my career in both the scope ...

Read More
Inside and Beyond Ticketmaster: The Many Breaches of Magecart
09 July 2018

On June 27th, Ticketmaster, a ticket sales and distribution company, made public they had been compromised and that hackers stole customer information. However, we discovered ...

On June 27th, Ticketmaster, a ticket sales and distribution company, made public they had ...

Read More
Magecart Threat Actors are Reshipping Items Purchased with Stolen Cards via Mules in the U.S.
12 July 2017

Magecart is back, and the operation is more elaborate than we thought, involving physical shipping companies with mules operating in the United States.
Credit card data is a ...

Magecart is back, and the operation is more elaborate than we thought, involving physical ...

Read More
RiskIQ

Take charge of your digital presence and combat threats to your organization.

  • facebook facebook
  • twitter twitter
  • linkedin linkedin
  • rss rss

Copyright © 2023 RiskIQ.
All Rights Reserved.

  • Terms of Use
  • Privacy Policy

Products

  • RiskIQIlluminate®
  • RiskIQPassiveTotal®
  • RiskIQDigital Footprint®
  • RiskIQExternal Threats®

Resources

  • Resource Center
  • Research
  • Videos
  • Webinars
  • Support

News

  • News and Press
  • Blog
  • Events

About

  • About RiskIQ
  • Leadership Team
  • Partners
  • Careers
  • Contact Us
  • facebook facebook
  • twitter twitter
  • linkedin linkedin
  • rss rss

Copyright © 2023 RiskIQ.
All Rights Reserved.

  • Terms of Use
  • Privacy Policy