E-commerce is growing at an unprecedented rate all over the world, with a tremendous increase in online buyers every year. Some notorious cybercrimes accompany e-commerce’s sprawl across the globe. These attackers, with malicious intentions, hijack the payment portals of e-commerce websites, gathering payment credentials of buyers. One such infamous syndicate of cyber attackers, targeting e-commerce, is Magecart (or Magekart).
Supply Chain Attack and Digital Skimming
Supply Chain attack, also called value-chain or third-party attack, is a technique to compromise a system through an outside software or utility which already has access to the target system. These external platforms usually include services which are integrated with a website to improve functionality. The most vulnerable ones are targetted. In the case of Magecart attacks, the most targetted third-party services to hijack shopping websites have been Magneto and Opencart. When a single service vendor is compromised, Magecart gets access to thousands of sites at once!
Digital skimming, also known as online card skimming or simply, web skimming, is the malicious practise of acquiring credit card or payment data of web visitors. ATMs and shopping malls have seen physical skimming, with the use of webcams and installing devices to obtain credit/debit card details stealthily. Web skimmers do the same thing using advanced digital tools and malicious scripts to hijack payment webpages, and present their payment page or similar form to unsuspecting users. Formjacking is the term used for hackers who use proxy payment pages on the web servers to steal PII(Personal Identifiable Information). Digital skimming is the signature technique used by Magecart attackers to tamper with checkout pages on online shopping websites.
Executing both techniques together, Magecart attackers gather credentials.
The Magecart Attack
The injected code captures the information entered by the buyer with credit card number and pin. This information is transmitted to the attacker’s server. And these cybercriminals are free to go shopping with the buyer’s account details!
In 2018, a Magecart skimmer code compromised multiple websites every hour! This earned them a spot on the list of “The Most Dangerous People On The Internet In 2018”.
Magecart executes the most preeminent digital skimming attacks. And no Magecart hacker has been caught till date!
Magecart is a familiar adversary for e-commerce giants since its inception. The RiskIQ research states Magecart has hit at least 6400 sites. Digital skimming is the new normal for them.
Mitigation and Prevention Methods
Content Security Policy(CSP) and Sub Resource Integrity(SRI) are some web technologies used to protect web visitors, as they restrict where scripts are loaded from, and maintain integrity.
Owners with limited resources can use free online website scanners which can spot suspicious scripts.
In the wake of COVID-19, when brick-and-mortar outlets are closed for shoppers, online shopping has ramped up. Many e-commerce websites witnessed system breaches and information theft of millions of buyers during this time. So it is always better to avoid smaller and less known shopping sites as these are seen to be more vulnerable for information theft.
Ayush Dubey is an engineering student from IIIT Jabalpur. He has a comprehensive background in technology. Cybersecurity being his primary field of interest. He loves to meet people who are always in a hustle to learn new things.
BlARROW is a unilingual, electronic, free-content site which composes write-ups on issues concerning online security and architecture technology. It is run helpfully by content scholars who write on a broad scope of subjects. Anyone with access to the internet connection and an ache to gain some new useful knowledge can get to these articles. Aside from this, they additionally give Udemy coupons, Appstore Games, and applications, all for free.
So, in case one is curious to learn something new, gain widespread knowledge without drawing a hole in the pocket.