The group of malicious hackers behind the British Airways breach made 65,000 unsuccessful attempts to steal shoppers’ payment data in July, according to anti-malware firm Malwarebytes.
Web skimmers, also known as skimmers, sniffers or wipers, sees a malicious hacker insert code into a website to capture sensitive information from online payment forms.
US-based Malwarebytes said it detected a summer surge of web skimming attempts, with 54% of Magecart activity taking place in the US. The next highest volume of activity was in Canada (16%). Germany, France and the UK accounted for less than 10% each.
There was a peak in activity around the 4 July, indicating that the web skimmers were looking to take advantage of shoppers seeking out Independence Day deals.
Magecart web skimming shows no sign of slowing
Malwarebytes said its anti-malware software successfully blocked 65,000 attempts to steal credit card details on compromised stores.
Magecart, which is made up of a consortium of hacker groups, has become more prolific in recent years.
Threat research company RiskIQ concluded that the group was behind the 2018 Ticketmaster breach, in which tens of thousands of customers had their payment details stolen.
3 Things That Will Change the World Today
In July Amsterdam-based eommerce fraud protection specialist Sanguine Security Labs discovered that 962 online shops had customers’ payment details stolen in a 24 hour period.
Malwarebytes identified Magecart as being responsible by analysing the skimming code used in the attacks. Attribution has become more difficult given that card skimming code kits are sold on underground forums, as well as copycats reusing existing code.
Malwarebytes recommends affected firms file abuse reports with the Computer Emergency Response Team (CERT), and “and working with partners to take a more global approach by tackling the criminal infrastructure”.
For consumers, it’s best to stick to larger, more established shopping portals. However, as shown with Ticketmaster and British Airways, this doesn’t always guarantee safety.