Popping up in various permutations for the better part of four years now, the online payment skimming operations run by Magecart fraudsters continue to intensify in 2019. Targeting vulnerable content management systems used for running payment on e-commerce sites, Magecart once was used to describe the group running these attacks. But as its number widened to as many as 12 major identifiable criminal syndicates, the Magecart moniker is just as likely to refer to the common techniques they use.
Magecart attacks work on the same principles that a POS skimmer would at a physical cash register. The bad guys find a way to quietly insert scripts onto compromised servers running payment systems to steal customer data as it's entered by customers on an e-commerce site, sending that data silently to the attackers without interrupting the payment mechanism.
"With the number of criminal groups operating these skimming campaigns, it's likely one of the biggest threats facing e-commerce right now," said Yonathan Klijnsma, threat researcher for RiskIQ, late last year.