Mage Cart (written in the article as one word) is bigger and badder than ever. This can be bad for us Webmasters. Why? Because if compromised, the site’s 404 page is modified with executable code that could in fact infect your device and of course, steal your data.
Magecart is known for stealing personal information entered in to web forms. It also steals credit card info if making a purchase online.
What can the user do? Unfortunately, we can’t really do anything. I mean, we could annalize the code, but if you don’t know what you’re looking for, good luck there.
The Akamai article I spotted about this is very long, but might be of interest.
There are 4 items I think we can pass along under the executive summary that we can post and you can take from. They are:
- The Akamai Security Intelligence Group detected a Magecart web skimming campaign that is targeting an extensive list of websites, including large organizations in the food and retail industries.
- This campaign stands out because of its three advanced concealment techniques, one of which we had never seen before — specifically, manipulating the website’s default 404 error page to hide malicious code — that poses unique challenges for detection and mitigation.
- The other two obfuscation techniques showcase the evolving tactics that attackers are using to avoid detection and lengthen the attack chain.
- As web skimming attacks become increasingly sophisticated, organizations must remain vigilant and explore advanced approaches to protect against these evolving threats.
Just because it targets specific industries doesn’t mean that it could change and target sites like yours and mine.
The article is titled The Art of Concealment: A New Magecart Campaign That’s Abusing 404 Pages and if you have the time, please feel free to read it. It might be of value to you.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.