Magecart attacks caused numerous payment card fraud incidents last year. Based on reports, the Magecart e-skimming tactic is the most used scam from threat actors. A recent tally showed that these scams infected approximately 10,000 eCommerce sites in 2022.
About 60 million compromised payment card records were sold by actors on dark web marketplaces last year, of which 46 million were classified as Card-Not-Present. Actors obtained these CNPs during online eCommerce transactions.
On the other hand, nearly 14 million payment cards are offered on the dark web under the “Card-Present.”
A research group also identified 1,520 malicious domains involved in the attack against more than 9,000 eCommerce websites last year.
In addition, Primary Account Numbers for at least 20 million infected payment cards were posted as images or in plaintext on several dark web forums, social media, and pastebins. Threat actors have also exploited 21 card check services that have abused nearly 3,000 unique merchants linked to 660 noteworthy MIDs for illegal card checks.
Magecart attacks have a new method for transmitting their campaign.
According to investigations, a malware server of Magecart attacks used the HTTP referrer header in requests to obstruct the download of malicious scripts.
Threat actors have injected links to malicious JavaScript files into the eCommerce shops, but the server hosting the archives could send the malicious scripts through certain conditions.
Magecart attackers have also continued to abuse Google Tag Manager as containers last year. Google Tag is a legitimate web service utilised by everyone to collect website usage metrics and track customer online behaviour and marketing. These Magecart variants impacted more than 900 eCommerce domains.
Payment fraud transactions are comparable to the functioning market with exchanges between customer and seller, supply chains, and other services. Big-time organisations in this market attract actors who execute card fraud since they offer lucrative amounts.
Companies involved in card issuing, acquiring, and merchant services should utilise a competitive intelligence service and implement proactive security protocols to prevent fraud.
