E-Commerce Assault Continues
released a joint report with Flashpoint analyzing Magecart, an umbrella
term given to at least seven prolific cybercriminal groups placing
digital credit card skimmers on thousands of compromised e-commerce
The first-of-its-kind, in-depth report details seven individual Magecart
groups with an analysis of their unique skimmer, tactics, and targets.
The paper also analyzes the connection between this web-based activity
and a thriving criminal underworld that enables these groups to operate.
Readers will learn how Magecart groups monetize their campaigns via the
sale and distribution of stolen cards on underground shops and a shadowy
supply chain offering skimmer kits and compromised e-commerce
The report also builds a timeline of the Magecart phenomenon from the
inception of digital credit card skimming to Magecart’s current all-out
assault on e-commerce that claimed thousands of small and mid-sized
online shops—and several giants—as victims.
“The Modus Operandi of the web-skimming Magecart groups has evolved
significantly and has been ramping up over the past two years,” said
Yonathan Klijsnma, Head Researcher at RiskIQ. “With the number of
criminal groups operating these skimming campaigns, it’s likely one of
the biggest threats facing e-commerce right now.”
“The cybercriminal underground continues to provide a vibrant platform
for buying and selling various credit card sniffer toolkits, as well as
other critical criminal services meant to cash out the stolen cards,”
said Vitali Kremez, Director of Research at Flashpoint. “As we explore
these groups, it is important to keep in mind that the most profitable
ventures—those that inflict the greatest damage on the e-commerce and
financial industry—are run by experienced career criminals who have,
over the years, developed extended networks of trusted criminal
comprehensive report combines RiskIQ’s global surface web visibility,
which first exposed Magecart threat activity in 2016 and continues to
track it, and Flashpoint’s expertise in monitoring illicit communities,
which ultimately reveals the commercial side of Magecart operations.
This report provides powerful new intelligence that can help private and
public sector organizations, including law enforcement, develop a more
effective strategy to counter Magecart’s growing threat.
RiskIQ, which detects internet-scale threats, is alerted to new Magecart
breaches hourly, a clear indication that the group is extremely active
and continues to be a critical threat to all organizations offering
online payment facilities. With online sales predicted to rise 17-22
percent over the upcoming holiday season, Magecart’s criminal activities