Crime without punishment: in-depth analysis of JS-sniffers
Group-IB experts, in addition to the previously 12 known JS-Sniffer families, have discovered additional 26 different JS-sniffer families
According to the same group, the total daily number of visitors of all the infected sites exceeds 1.5 million people. That is a considerable number and that keeps growing, both number of customer and selling sites.
Obviously the target is stealing credit card information and those cards are sold underground. Selling compromised payment data cyber criminals can earn from $1 to $5 per card. That is not the only income in the chain, JS-sniffers can be bought or rented on underground forums, with their price ranging from $250 to $5,000.
These breaches known as Magecart commonly, are in the news a lot lately, and is an umbrella term given to different cyber criminal groups that are specialized in secretly implanting a special piece of code on compromised e-commerce sites with an intent to steal payment card details of their customers.
Magecart made headlines last year when cyber criminals breached a several high-profile e-commerce sites involving major companies like British Airways, Ticketmaster, and Newegg, The latest victim sites are bedding retailers MyPillow and Amerisleep.
Security firm Group-IB published a threat analysis report detailing the mentioned 38 different JS-Sniffer families that its researchers documented after analyzing 2440 infected e-commerce websites. You can find the Group-IB report here.
Group-IB experts, in addition to the previously 12 known JS-Sniffer families, have discovered additional 26 different JS-sniffer families
According to the same group, the total daily number of visitors of all the infected sites exceeds 1.5 million people. That is a considerable number and that keeps growing, both number of customer and selling sites.
Obviously the target is stealing credit card information and those cards are sold underground. Selling compromised payment data cyber criminals can earn from $1 to $5 per card. That is not the only income in the chain, JS-sniffers can be bought or rented on underground forums, with their price ranging from $250 to $5,000.
These breaches known as Magecart commonly, are in the news a lot lately, and is an umbrella term given to different cyber criminal groups that are specialized in secretly implanting a special piece of code on compromised e-commerce sites with an intent to steal payment card details of their customers.
Magecart made headlines last year when cyber criminals breached a several high-profile e-commerce sites involving major companies like British Airways, Ticketmaster, and Newegg, The latest victim sites are bedding retailers MyPillow and Amerisleep.
Security firm Group-IB published a threat analysis report detailing the mentioned 38 different JS-Sniffer families that its researchers documented after analyzing 2440 infected e-commerce websites. You can find the Group-IB report here.
"This class of malware seemed to be a rather primitive threat to large players like banks and payment systems, since JS-sniffers were believed to target small online stores. Now, however, it is time to question that belief. When a site is infected, everyone is involved in the chain of victims — end users, payment systems, banks that issued compromised cards, and companies that sell their goods and services online.The urgency of the problem is linked to its potentially huge audience (today, almost all of us use online stores). Group-IB Threat Intelligence specialists continuously monitor the appearance of new JS-sniffers and appeal to the cybersecurity community to take a closer look at this growing threat." Viktor Okorokov, A Threat Intelligence analyst
No comments:
Post a Comment