Hack Brief: A Card-Skimming Hacker Group Hit 17K Domains—and Counting
Brian Barrett reports:
You may not recognize the name Magecart, but you’ve seen its impact. A set of sophisticated hacking groups, Magecart has been behind some of the bigger hacks of the past few years, from British Airways to Ticketmaster, all with the singular goal of stealing credit card numbers. Think of them as the ATM skimmers of the web. And thanks to poor security hygiene, they’ve managed to hit 17,000 domains in the past few months alone.
A new report from threat detection firm RiskIQ details how Magecart hackers have found a way to scan Amazon S3 buckets—cloud repositories that hold data and and other backend necessities for sites and companies—for any that are misconfigured to allow anyone with an Amazon Web Services account to not just read their contents, but write to them, implementing whatever changes they want. Like, say, inserting code that steals credit card numbers from ecommerce sites.
Read more on Wired.