[Breach Report] Profiling Magecart - eCommerce Scraping Attacks
Is your eCommerce platform secure as we head into the peak online shopping season? Big name online retailers have fallen victim to attacks by Magecart, a group of cyber criminals, which resulted in the exposure of the personal information of hundreds of thousands of their retail customers.
For many online retailers, holiday shopping accounts for 20-30% of total yearly sales; what many don’t realize is that this is also the busiest time of year for cyber criminals.
Magecart hacked and took advantage of a vulnerability in one of the largest eCommerce payment platforms to breach numerous retailers’ eCommerce sites.
But you can prepare and this report outlines how:
- The tactics, techniques, and procedures (TTP) in these attacks point to the involvement of multiple threat actors
- Cyber criminals are inserting malicious scripts into the online shopping process
- To audit code changes on critical pages for unauthorized additions and modifications