The UK’s National Cyber Security Centre (NCSC) says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks. Magecart attacks work by gaining access to websites, either directly or via third-party services (a supply chain attack), and injecting malicious JavaScript code that steals the data shoppers enter into online payment forms, typically on checkout pages. These attacks are also known as web skimming, digital skimming, or e-Skimming. The majority of the online shops used for skimming that the NCSC identified had been compromised via a known vulnerability in Magento, a popular e-commerce platform.
Why is this important?
During the pandemic, more and more businesses have had to move online in order to keep trading. This has enabled hackers, as well as ransomware, to target these online shops, which in their rush to get online have potentially not always used the safest security measures, leaving vulnerabilities in their systems.
Businesses and organisations need to ensure that they update their systems regularly, so that platforms such as Magento are updated after a known vulnerability has been found. This will help mitigate losses from hacks as well as from Magecart attacks, which aim to skim money.