loader gif

JavaScript card sniffing attacks spread to other e-commerce platforms

JavaScript card sniffing attacks spread to other e-commerce platforms (Malware and Vulnerabilities)

Cybercriminal groups engaging in JavaScript card sniffing attacks --also referred to as Magecart attacks-- have slowly spread their operations to target additional platforms besides the Magento-based stores they initially went after when these types of attacks started, in 2015-2016. As it is becoming increasingly obvious, JavaScript sniffers, once considered a threat for Magento, are now a danger to all online store platforms, may them be self-hosted solutions or cloud-based commercial SaaS platforms. While the RiskIQ report released today highlights a series of attacks targeting OpenCart-based stores, Magecart groups don't see themselves as limited to just Magento, WooCommerce, OpenCart, or OSCommerce platforms. Just earlier this week, Sanguine Security discovered one of these multi-functional scripts that had been coded to collect data from 57 different payment systems, showing how the JavaScript card sniffer scene has evolved from a past where it focused on the narrow internet strip of Magento stores, to a current state where any online store, regardless of the underlying technology or payment gateway, can be attacked.

loader gif