Digital threat management company RiskIQ tracks the activity of MageCart group and reported their use of web-based card skimmers since 2016.
2022-11-21 ⋅ Zscaler ⋅ Sudeep Singh @online{singh:20221121:black:9712dce,
author = {Sudeep Singh},
title = {{Black Friday Alert: 4 Emerging Skimming Attacks to Watch for This Holiday Season}},
date = {2022-11-21},
organization = {Zscaler},
url = {https://www.zscaler.com/blogs/security-research/black-friday-scams-4-emerging-skimming-attacks-watch-holiday-season},
language = {English},
urldate = {2022-11-23}
}
Black Friday Alert: 4 Emerging Skimming Attacks to Watch for This Holiday Season magecart |
2022-08-08 ⋅ Medium CSIS Techblog ⋅ Benoît Ancel @online{ancel:20220808:inside:67ef9a0,
author = {Benoît Ancel},
title = {{An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure}},
date = {2022-08-08},
organization = {Medium CSIS Techblog},
url = {https://medium.com/csis-techblog/inside-view-of-brazzzersff-infrastructure-89b9188fd145},
language = {English},
urldate = {2022-08-28}
}
An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure Riltok magecart Anubis Azorult BetaBot Buer CoalaBot CryptBot DiamondFox DreamBot GCleaner ISFB Loki Password Stealer (PWS) MedusaLocker MeguminTrojan Nemty PsiX RedLine Stealer SmokeLoader STOP TinyNuke Vidar Zloader |
2022-07-19 ⋅ Recorded Future ⋅ Insikt Group® @techreport{group:20220719:amid:e54f780,
author = {Insikt Group®},
title = {{Amid Rising Magecart Attacks on Online Ordering Platforms, Recent Campaigns Infect 311 Restaurants}},
date = {2022-07-19},
institution = {Recorded Future},
url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0719.pdf},
language = {English},
urldate = {2022-07-25}
}
Amid Rising Magecart Attacks on Online Ordering Platforms, Recent Campaigns Infect 311 Restaurants magecart |
2022-05-10 ⋅ RiskIQ ⋅ Kelsey Clapp @online{clapp:20220510:commodity:7703042,
author = {Kelsey Clapp},
title = {{Commodity Skimming & Magecart Trends in First Quarter of 2022}},
date = {2022-05-10},
organization = {RiskIQ},
url = {https://community.riskiq.com/article/017cf2e6},
language = {English},
urldate = {2022-05-17}
}
Commodity Skimming & Magecart Trends in First Quarter of 2022 magecart |
2021-12-06 ⋅ GEMINI ⋅ GEMINI @online{gemini:20211206:magecart:b89c803,
author = {GEMINI},
title = {{Magecart Groups Abuse Google Tag Manager}},
date = {2021-12-06},
organization = {GEMINI},
url = {https://geminiadvisory.io/magecart-google-tag-manager/},
language = {English},
urldate = {2021-12-07}
}
Magecart Groups Abuse Google Tag Manager magecart |
2021-12-03 ⋅ RiskIQ ⋅ Kelsey Clapp @online{clapp:20211203:woos:020f03d,
author = {Kelsey Clapp},
title = {{Woo's There? Magecart Targets WooCommerce}},
date = {2021-12-03},
organization = {RiskIQ},
url = {https://community.riskiq.com/article/2efc2782},
language = {English},
urldate = {2021-12-07}
}
Woo's There? Magecart Targets WooCommerce magecart |
2021-11-03 ⋅ Malwarebytes ⋅ Jérôme Segura @online{segura:20211103:credit:ab7b79f,
author = {Jérôme Segura},
title = {{Credit card skimmer evades Virtual Machines}},
date = {2021-11-03},
organization = {Malwarebytes},
url = {https://blog.malwarebytes.com/threat-intelligence/2021/11/credit-card-skimmer-evades-virtual-machines/},
language = {English},
urldate = {2021-11-08}
}
Credit card skimmer evades Virtual Machines magecart |
2021-10-19 ⋅ Malwarebytes ⋅ Jérôme Segura @online{segura:20211019:qlogger:4f23de5,
author = {Jérôme Segura},
title = {{q-logger skimmer keeps Magecart attacks going}},
date = {2021-10-19},
organization = {Malwarebytes},
url = {https://blog.malwarebytes.com/threat-intelligence/2021/10/q-logger-skimmer-keeps-magecart-attacks-going/},
language = {English},
urldate = {2021-10-26}
}
q-logger skimmer keeps Magecart attacks going magecart |
2021-09-22 ⋅ RiskIQ ⋅ Kelsey Clapp, Jordan Herman @online{clapp:20210922:bom:b738b21,
author = {Kelsey Clapp and Jordan Herman},
title = {{The Bom Skimmer and MageCart Group 7}},
date = {2021-09-22},
organization = {RiskIQ},
url = {https://community.riskiq.com/article/743ea75b/description},
language = {English},
urldate = {2021-09-24}
}
The Bom Skimmer and MageCart Group 7 magecart |
2021-09-13 ⋅ Malwarebytes ⋅ Jérôme Segura @online{segura:20210913:many:c651ab9,
author = {Jérôme Segura},
title = {{The many tentacles of Magecart Group 8}},
date = {2021-09-13},
organization = {Malwarebytes},
url = {https://blog.malwarebytes.com/threat-intelligence/2021/09/the-many-tentacles-of-magecart-group-8/},
language = {English},
urldate = {2021-09-19}
}
The many tentacles of Magecart Group 8 magecart |
2021-07-16 ⋅ Twitter (@MBThreatIntel) ⋅ Malwarebytes Threat Intelligence @online{intelligence:20210716:magecart:3ba6f5b,
author = {Malwarebytes Threat Intelligence},
title = {{Tweet on Magecart skimmer using steganography}},
date = {2021-07-16},
organization = {Twitter (@MBThreatIntel)},
url = {https://twitter.com/MBThreatIntel/status/1416101496022724609},
language = {English},
urldate = {2021-07-20}
}
Tweet on Magecart skimmer using steganography magecart |
2021-07-15 ⋅ Twitter (@AffableKraut) ⋅ Eric Brandel @online{brandel:20210715:another:384815e,
author = {Eric Brandel},
title = {{Tweet on another digital skimmer/magecart script from the "q-logger" threat actor}},
date = {2021-07-15},
organization = {Twitter (@AffableKraut)},
url = {https://twitter.com/AffableKraut/status/1415425132080816133?s=20},
language = {English},
urldate = {2021-07-20}
}
Tweet on another digital skimmer/magecart script from the "q-logger" threat actor magecart |
2021-07-07 ⋅ SUCURI ⋅ Ben Martin @online{martin:20210707:magecart:936a43d,
author = {Ben Martin},
title = {{Magecart Swiper Uses Unorthodox Concatenation}},
date = {2021-07-07},
organization = {SUCURI},
url = {https://blog.sucuri.net/2021/07/magecart-swiper-uses-unorthodox-concatenation.html},
language = {English},
urldate = {2021-07-20}
}
Magecart Swiper Uses Unorthodox Concatenation magecart |
2021-06-28 ⋅ Malwarebytes ⋅ Jérôme Segura @online{segura:20210628:lil:e675ba5,
author = {Jérôme Segura},
title = {{Lil' skimmer, the Magecart impersonator - Malwarebytes Labs}},
date = {2021-06-28},
organization = {Malwarebytes},
url = {https://blog.malwarebytes.com/cybercrime/2021/06/lil-skimmer-the-magecart-impersonator/},
language = {English},
urldate = {2021-07-09}
}
Lil' skimmer, the Magecart impersonator - Malwarebytes Labs magecart |
2021-06-14 ⋅ scotthelme.co.uk ⋅ Scott Helme @online{helme:20210614:introducing:67342bd,
author = {Scott Helme},
title = {{Introducing Script Watch: Detect Magecart style attacks, fast!}},
date = {2021-06-14},
organization = {scotthelme.co.uk},
url = {https://scotthelme.co.uk/introducing-script-watch-detect-magecart-style-attacks-fast/?utm_source=dlvr.it&utm_medium=twitter},
language = {English},
urldate = {2021-06-21}
}
Introducing Script Watch: Detect Magecart style attacks, fast! magecart |
2021-05-13 ⋅ Malwarebytes ⋅ Jérôme Segura @online{segura:20210513:newly:396ce52,
author = {Jérôme Segura},
title = {{Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity}},
date = {2021-05-13},
organization = {Malwarebytes},
url = {https://blog.malwarebytes.com/cybercrime/2021/05/newly-observed-php-based-skimmer-shows-ongoing-magecart-group-12-activity/},
language = {English},
urldate = {2021-05-17}
}
Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity magecart |
2021-04-22 ⋅ Twitter (@AffableKraut) ⋅ Eric Brandel @online{brandel:20210422:thread:edbfa14,
author = {Eric Brandel},
title = {{A thread on possibly new magecart skimmer}},
date = {2021-04-22},
organization = {Twitter (@AffableKraut)},
url = {https://twitter.com/AffableKraut/status/1385030485676544001},
language = {English},
urldate = {2021-04-28}
}
A thread on possibly new magecart skimmer magecart |
2021-01-14 ⋅ RiskIQ ⋅ Team RiskIQ @online{riskiq:20210114:new:29f2c96,
author = {Team RiskIQ},
title = {{New Analysis Puts Magecart Interconnectivity into Focus}},
date = {2021-01-14},
organization = {RiskIQ},
url = {https://www.riskiq.com/blog/labs/magecart-medialand/},
language = {English},
urldate = {2021-01-18}
}
New Analysis Puts Magecart Interconnectivity into Focus grelos magecart Raccoon |
2021-01-14 ⋅ RiskIQ ⋅ Jordan Herman @online{herman:20210114:medialand:3f603bd,
author = {Jordan Herman},
title = {{MediaLand: Magecart and Bulletproof Hosting}},
date = {2021-01-14},
organization = {RiskIQ},
url = {https://community.riskiq.com/article/5bea32aa},
language = {English},
urldate = {2021-01-21}
}
MediaLand: Magecart and Bulletproof Hosting magecart |
2020-12-16 ⋅ RiskIQ ⋅ Mia Ihm, Cory Kennedy, Jordan Herman @online{ihm:20201216:skimming:608e648,
author = {Mia Ihm and Cory Kennedy and Jordan Herman},
title = {{Skimming a Little Off the Top: Meyhod’s Skimming Methods Hit Hairloss Specialists}},
date = {2020-12-16},
organization = {RiskIQ},
url = {https://community.riskiq.com/article/14924d61},
language = {English},
urldate = {2020-12-17}
}
Skimming a Little Off the Top: Meyhod’s Skimming Methods Hit Hairloss Specialists magecart |
2020-12-02 ⋅ Sansec ⋅ Sansec Threat Research Team @online{team:20201202:persistent:4f26f93,
author = {Sansec Threat Research Team},
title = {{Persistent parasite in EOL Magento 2 stores wakes at Black Friday}},
date = {2020-12-02},
organization = {Sansec},
url = {https://sansec.io/research/magento-2-persistent-parasite},
language = {English},
urldate = {2020-12-14}
}
Persistent parasite in EOL Magento 2 stores wakes at Black Friday magecart |
2020-11-27 ⋅ Reflectiz ⋅ Reflectiz @online{reflectiz:20201127:ico:a1bad28,
author = {Reflectiz},
title = {{The ICO Fines Ticketmaster UK £1.25 Million for Security Failures: A Lesson to be Learned}},
date = {2020-11-27},
organization = {Reflectiz},
url = {https://www.reflectiz.com/ico-fines-ticketmaster-uk-1-25-million-for-security-failures-a-lesson-to-be-learned/},
language = {English},
urldate = {2021-01-29}
}
The ICO Fines Ticketmaster UK £1.25 Million for Security Failures: A Lesson to be Learned magecart |
2020-11-25 ⋅ Reflectiz ⋅ Idan Cohen @online{cohen:20201125:csp:1b9a48e,
author = {Idan Cohen},
title = {{CSP, the Right Solution for the Web-Skimming Pandemic?}},
date = {2020-11-25},
organization = {Reflectiz},
url = {https://medium.com/reflectiz/csp-the-right-solution-for-the-web-skimming-pandemic-acb7a4414218},
language = {English},
urldate = {2021-01-29}
}
CSP, the Right Solution for the Web-Skimming Pandemic? magecart |
2020-11-11 ⋅ RiskIQ ⋅ Jordan Herman @online{herman:20201111:magecart:8137a1f,
author = {Jordan Herman},
title = {{Magecart Group 12: End of Life Magento Sites Infested with Ants and Cockroaches}},
date = {2020-11-11},
organization = {RiskIQ},
url = {https://community.riskiq.com/article/fda1f967},
language = {English},
urldate = {2020-11-18}
}
Magecart Group 12: End of Life Magento Sites Infested with Ants and Cockroaches magecart |
2020-11-02 ⋅ SUCURI ⋅ Denis Sinegubko @online{sinegubko:20201102:cssjs:e800099,
author = {Denis Sinegubko},
title = {{CSS-JS Steganography in Fake Flash Player Update Malware}},
date = {2020-11-02},
organization = {SUCURI},
url = {https://blog.sucuri.net/2020/11/css-js-steganography-in-fake-flash-player-update-malware.html},
language = {English},
urldate = {2020-11-04}
}
CSS-JS Steganography in Fake Flash Player Update Malware magecart NetSupportManager RAT |
2020-09-02 ⋅ RiskIQ ⋅ Jordan Herman @online{herman:20200902:inter:93b8c50,
author = {Jordan Herman},
title = {{The Inter Skimmer Kit}},
date = {2020-09-02},
organization = {RiskIQ},
url = {https://community.riskiq.com/article/30f22a00},
language = {English},
urldate = {2020-09-04}
}
The Inter Skimmer Kit magecart DreamBot TeslaCrypt |
2020-07-22 ⋅ SUCURI ⋅ Denis Sinegubko @online{sinegubko:20200722:skimmers:abd9eb9,
author = {Denis Sinegubko},
title = {{Skimmers in Images & GitHub Repos}},
date = {2020-07-22},
organization = {SUCURI},
url = {https://blog.sucuri.net/2020/07/skimmers-in-images-github-repos.html},
language = {English},
urldate = {2020-07-30}
}
Skimmers in Images & GitHub Repos magecart |
2020-07-11 ⋅ Trustwave ⋅ Peter Evans, Rodel Mendrez @online{evans:20200711:injecting:3d78e32,
author = {Peter Evans and Rodel Mendrez},
title = {{Injecting Magecart into Magento Global Config}},
date = {2020-07-11},
organization = {Trustwave},
url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/injecting-magecart-into-magento-global-config/},
language = {English},
urldate = {2020-07-15}
}
Injecting Magecart into Magento Global Config magecart |
2020-07-07 ⋅ GEMINI @techreport{gemini:20200707:full:283dfdd,
author = {GEMINI},
title = {{Full list of all the 570+ sites that the Keeper gang hacked since April 2017}},
date = {2020-07-07},
institution = {},
url = {https://geminiadvisory.io/wp-content/uploads/2020/07/Appendix-C-1.pdf},
language = {English},
urldate = {2020-07-08}
}
Full list of all the 570+ sites that the Keeper gang hacked since April 2017 magecart |
2020-07-07 ⋅ GEMINI @online{gemini:20200707:keeper:b2f882b,
author = {GEMINI},
title = {{"Keeper" Magecart Group Infects 570 Sites}},
date = {2020-07-07},
url = {https://geminiadvisory.io/keeper-magecart-group-infects-570-sites/},
language = {English},
urldate = {2020-07-08}
}
"Keeper" Magecart Group Infects 570 Sites magecart |
2020-07-06 ⋅ Sansec ⋅ Sansec Threat Research Team @online{team:20200706:north:1fb54b4,
author = {Sansec Threat Research Team},
title = {{North Korean hackers implicated in stealing from US and European shoppers}},
date = {2020-07-06},
organization = {Sansec},
url = {https://sansec.io/research/north-korea-magecart},
language = {English},
urldate = {2020-07-06}
}
North Korean hackers implicated in stealing from US and European shoppers magecart |
2020-06-26 ⋅ Trend Micro ⋅ Joseph C Chen @online{chen:20200626:us:8bce65c,
author = {Joseph C Chen},
title = {{US Local Government Services Targeted by New Magecart Credit Card Skimming Attack}},
date = {2020-06-26},
organization = {Trend Micro},
url = {https://blog.trendmicro.com/trendlabs-security-intelligence/us-local-government-services-targeted-by-new-magecart-credit-card-skimming-attack/},
language = {English},
urldate = {2020-06-30}
}
US Local Government Services Targeted by New Magecart Credit Card Skimming Attack magecart |
2020-06-25 ⋅ Malwarebytes ⋅ Jérôme Segura @online{segura:20200625:web:2b712b2,
author = {Jérôme Segura},
title = {{Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files}},
date = {2020-06-25},
organization = {Malwarebytes},
url = {https://blog.malwarebytes.com/threat-analysis/2020/06/web-skimmer-hides-within-exif-metadata-exfiltrates-credit-cards-via-image-files/},
language = {English},
urldate = {2020-06-29}
}
Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files magecart |
2020-06-15 ⋅ ZDNet ⋅ Catalin Cimpanu @online{cimpanu:20200615:web:a10a55d,
author = {Catalin Cimpanu},
title = {{Web skimmers found on the websites of Intersport, Claire's, and Icing}},
date = {2020-06-15},
organization = {ZDNet},
url = {https://www.zdnet.com/article/web-skimmers-found-on-the-websites-of-intersport-claires-and-icing/},
language = {English},
urldate = {2020-06-16}
}
Web skimmers found on the websites of Intersport, Claire's, and Icing magecart |
2020-06-15 ⋅ Sansec ⋅ Sansec Threat Research Team @online{team:20200615:magecart:09274cd,
author = {Sansec Threat Research Team},
title = {{Magecart strikes amid Corona lockdown}},
date = {2020-06-15},
organization = {Sansec},
url = {https://sansec.io/research/magecart-corona-lockdown},
language = {English},
urldate = {2020-06-16}
}
Magecart strikes amid Corona lockdown magecart |
2020-06-09 ⋅ RiskIQ ⋅ Jordan Herman @online{herman:20200609:misconfigured:75c6908,
author = {Jordan Herman},
title = {{Misconfigured Amazon S3 Buckets Continue to be a Launchpad for Malicious Code}},
date = {2020-06-09},
organization = {RiskIQ},
url = {https://www.riskiq.com/blog/labs/misconfigured-s3-buckets/},
language = {English},
urldate = {2020-06-10}
}
Misconfigured Amazon S3 Buckets Continue to be a Launchpad for Malicious Code magecart |
2020-06-05 ⋅ SUCURI ⋅ Denis Sinegubko @online{sinegubko:20200605:evasion:86c8265,
author = {Denis Sinegubko},
title = {{Evasion Tactics in Hybrid Credit Card Skimmers}},
date = {2020-06-05},
organization = {SUCURI},
url = {https://blog.sucuri.net/2020/06/evasion-tactics-in-hybrid-credit-card-skimmers.html},
language = {English},
urldate = {2020-06-10}
}
Evasion Tactics in Hybrid Credit Card Skimmers magecart |
2020-05-20 ⋅ Reflectiz ⋅ Reflectiz @online{reflectiz:20200520:gocgle:47c4bc7,
author = {Reflectiz},
title = {{The Gocgle Malicious Campaign}},
date = {2020-05-20},
organization = {Reflectiz},
url = {https://www.reflectiz.com/the-gocgle-web-skimming-campaign/},
language = {English},
urldate = {2020-05-23}
}
The Gocgle Malicious Campaign magecart |
2020-03-18 ⋅ RiskIQ ⋅ Yonathan Klijnsma @online{klijnsma:20200318:magecart:2ee4a78,
author = {Yonathan Klijnsma},
title = {{Magecart Group 8 Blends into NutriBullet.com Adding To Their Growing List of Victims}},
date = {2020-03-18},
organization = {RiskIQ},
url = {https://www.riskiq.com/blog/labs/magecart-nutribullet/},
language = {English},
urldate = {2020-03-19}
}
Magecart Group 8 Blends into NutriBullet.com Adding To Their Growing List of Victims magecart |
2020-03-03 ⋅ PWC UK ⋅ PWC UK @techreport{uk:20200303:cyber:1f1eef0,
author = {PWC UK},
title = {{Cyber Threats 2019:A Year in Retrospect}},
date = {2020-03-03},
institution = {PWC UK},
url = {https://www.pwc.co.uk/cyber-security/assets/cyber-threats-2019-retrospect.pdf},
language = {English},
urldate = {2020-03-03}
}
Cyber Threats 2019:A Year in Retrospect KevDroid MESSAGETAP magecart AndroMut Cobalt Strike CobInt Crimson RAT DNSpionage Dridex Dtrack Emotet FlawedAmmyy FlawedGrace FriedEx Gandcrab Get2 GlobeImposter Grateful POS ISFB Kazuar LockerGoga Nokki QakBot Ramnit REvil Rifdoor RokRAT Ryuk shadowhammer ShadowPad Shifu Skipper StoneDrill Stuxnet TrickBot Winnti ZeroCleare APT41 MUSTANG PANDA |
2020-02-24 ⋅ Max Kersten's Blog ⋅ Max Kersten @online{kersten:20200224:closing:9d39fcf,
author = {Max Kersten},
title = {{Closing in on MageCart 12}},
date = {2020-02-24},
organization = {Max Kersten's Blog},
url = {https://maxkersten.nl/2020/02/24/closing-in-on-magecart-12/},
language = {English},
urldate = {2020-02-25}
}
Closing in on MageCart 12 magecart |
2020-02-19 ⋅ Yoroi ⋅ Marco Ramilli @online{ramilli:20200219:uncovering:4f04cd0,
author = {Marco Ramilli},
title = {{Uncovering New Magecart Implant Attacking eCommerce}},
date = {2020-02-19},
organization = {Yoroi},
url = {https://marcoramilli.com/2020/02/19/uncovering-new-magecart-implant-attacking-ecommerce/},
language = {English},
urldate = {2020-02-20}
}
Uncovering New Magecart Implant Attacking eCommerce magecart |
2020-02-17 ⋅ Max Kersten's Blog ⋅ Max Kersten @online{kersten:20200217:following:07470c1,
author = {Max Kersten},
title = {{Following the tracks of MageCart 12}},
date = {2020-02-17},
organization = {Max Kersten's Blog},
url = {https://maxkersten.nl/2020/02/17/following-the-tracks-of-magecart-12/},
language = {English},
urldate = {2020-02-20}
}
Following the tracks of MageCart 12 magecart |
2020-02-10 ⋅ Malwarebytes ⋅ Adam Kujawa, Wendy Zamora, Jérôme Segura, Thomas Reed, Nathan Collier, Jovi Umawing, Chris Boyd, Pieter Arntz, David Ruiz @techreport{kujawa:20200210:2020:3fdaf12,
author = {Adam Kujawa and Wendy Zamora and Jérôme Segura and Thomas Reed and Nathan Collier and Jovi Umawing and Chris Boyd and Pieter Arntz and David Ruiz},
title = {{2020 State of Malware Report}},
date = {2020-02-10},
institution = {Malwarebytes},
url = {https://resources.malwarebytes.com/files/2020/02/2020_State-of-Malware-Report.pdf},
language = {English},
urldate = {2020-02-13}
}
2020 State of Malware Report magecart Emotet QakBot REvil Ryuk TrickBot WannaCryptor |
2020-02-07 ⋅ RiskIQ ⋅ Jordan Herman @online{herman:20200207:magecart:185b67b,
author = {Jordan Herman},
title = {{Magecart Group 12’s Latest: Actors Behind Attacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign}},
date = {2020-02-07},
organization = {RiskIQ},
url = {https://www.riskiq.com/blog/labs/magecart-group-12-olympics/},
language = {English},
urldate = {2020-02-09}
}
Magecart Group 12’s Latest: Actors Behind Attacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign magecart |
2020-01-25 ⋅ Sanguine Security ⋅ Sanguine Labs @online{labs:20200125:indonesian:1f0de05,
author = {Sanguine Labs},
title = {{Indonesian Magecart hackers arrested}},
date = {2020-01-25},
organization = {Sanguine Security},
url = {https://sansec.io/labs/2020/01/25/magecart-hackers-arrested/},
language = {English},
urldate = {2020-01-27}
}
Indonesian Magecart hackers arrested magecart |
2020-01-25 ⋅ GoggleHeadedHacker Blog ⋅ Jacob Pimental @online{pimental:20200125:olympic:55cba30,
author = {Jacob Pimental},
title = {{Olympic Ticket Reseller Magecart Infection}},
date = {2020-01-25},
organization = {GoggleHeadedHacker Blog},
url = {https://www.goggleheadedhacker.com/blog/post/14},
language = {English},
urldate = {2020-01-27}
}
Olympic Ticket Reseller Magecart Infection magecart |
2020-01-20 ⋅ Max Kersten's Blog ⋅ Max Kersten @online{kersten:20200120:ticket:ad7af1c,
author = {Max Kersten},
title = {{Ticket resellers infected with a credit card skimmer}},
date = {2020-01-20},
organization = {Max Kersten's Blog},
url = {https://maxkersten.nl/2020/01/20/ticket-resellers-infected-with-a-credit-card-skimmer/},
language = {English},
urldate = {2020-01-27}
}
Ticket resellers infected with a credit card skimmer magecart |
2020-01-15 ⋅ PerimeterX ⋅ Guy Bary @online{bary:20200115:analyzing:02aabc4,
author = {Guy Bary},
title = {{Analyzing Magecart Malware – From Zero to Hero}},
date = {2020-01-15},
organization = {PerimeterX},
url = {https://www.perimeterx.com/blog/analyzing_magecart_malware_from_zero_to_hero/},
language = {English},
urldate = {2020-01-17}
}
Analyzing Magecart Malware – From Zero to Hero magecart |
2020-01-10 ⋅ CSIS ⋅ CSIS @techreport{csis:20200110:threat:7454f36,
author = {CSIS},
title = {{Threat Matrix H1 2019}},
date = {2020-01-10},
institution = {CSIS},
url = {https://gallery.mailchimp.com/c35aef82661dad887b8162a4f/files/e24e8206-a157-4796-a8cb-2b7262cc76e8/CSIS_Threat_Matrix_H1_2019.pdf},
language = {English},
urldate = {2020-01-22}
}
Threat Matrix H1 2019 Gustuff magecart Emotet Gandcrab Ramnit TrickBot |
2019-10-09 ⋅ Trend Micro ⋅ Joseph C. Chen @online{chen:20191009:fin6:11bb05d,
author = {Joseph C. Chen},
title = {{FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops}},
date = {2019-10-09},
organization = {Trend Micro},
url = {https://blog.trendmicro.com/trendlabs-security-intelligence/fin6-compromised-e-commerce-platform-via-magecart-to-inject-credit-card-skimmers-into-thousands-of-online-shops/},
language = {English},
urldate = {2020-02-25}
}
FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops magecart |
2019-08-01 ⋅ Kaspersky Labs ⋅ GReAT @online{great:20190801:trends:5e25d5b,
author = {GReAT},
title = {{APT trends report Q2 2019}},
date = {2019-08-01},
organization = {Kaspersky Labs},
url = {https://securelist.com/apt-trends-report-q2-2019/91897/},
language = {English},
urldate = {2020-08-13}
}
APT trends report Q2 2019 ZooPark magecart POWERSTATS Chaperone COMpfun EternalPetya FinFisher RAT HawkEye Keylogger HOPLIGHT Microcin NjRAT Olympic Destroyer PLEAD RokRAT Triton Zebrocy |
2019-06-04 ⋅ Malwarebytes ⋅ Jérôme Segura @online{segura:20190604:magecart:7c1581d,
author = {Jérôme Segura},
title = {{Magecart skimmers found on Amazon CloudFront CDN}},
date = {2019-06-04},
organization = {Malwarebytes},
url = {https://blog.malwarebytes.com/threat-analysis/2019/06/magecart-skimmers-found-on-amazon-cloudfront-cdn/},
language = {English},
urldate = {2019-12-20}
}
Magecart skimmers found on Amazon CloudFront CDN magecart |
2019-05-03 ⋅ Trend Micro ⋅ Joseph C Chen @online{chen:20190503:mirrorthief:05f07e5,
author = {Joseph C Chen},
title = {{Mirrorthief Group Uses Magecart Skimming Attack to Hit Hundreds of Campus Online Stores in US and Canada}},
date = {2019-05-03},
organization = {Trend Micro},
url = {https://blog.trendmicro.com/trendlabs-security-intelligence/mirrorthief-group-uses-magecart-skimming-attack-to-hit-hundreds-of-campus-online-stores-in-us-and-canada/},
language = {English},
urldate = {2019-11-27}
}
Mirrorthief Group Uses Magecart Skimming Attack to Hit Hundreds of Campus Online Stores in US and Canada magecart |
2019-04-26 ⋅ Malwarebytes ⋅ Jérôme Segura @online{segura:20190426:github:ff4b558,
author = {Jérôme Segura},
title = {{GitHub hosted Magecart skimmer used against hundreds of e-commerce sites}},
date = {2019-04-26},
organization = {Malwarebytes},
url = {https://blog.malwarebytes.com/cybercrime/2019/04/github-hosted-magecart-skimmer-used-against-hundreds-of-e-commerce-sites/},
language = {English},
urldate = {2019-12-20}
}
GitHub hosted Magecart skimmer used against hundreds of e-commerce sites magecart |
2019-02-28 ⋅ RiskIQ ⋅ Yonathan Klijnsma @online{klijnsma:20190228:magecart:e2b0173,
author = {Yonathan Klijnsma},
title = {{Magecart Group 4: Never Gone, Always Advancing – Professionals In Cybercrime}},
date = {2019-02-28},
organization = {RiskIQ},
url = {https://www.riskiq.com/blog/labs/magecart-group-4-always-advancing/},
language = {English},
urldate = {2020-01-06}
}
Magecart Group 4: Never Gone, Always Advancing – Professionals In Cybercrime magecart |
2019-02-06 ⋅ CrowdStrike ⋅ Peyton Smith, Tim Parisi @online{smith:20190206:threat:4f138dc,
author = {Peyton Smith and Tim Parisi},
title = {{Threat Actor "Magecart": Coming to an eCommerce Store Near You}},
date = {2019-02-06},
organization = {CrowdStrike},
url = {https://www.crowdstrike.com/blog/threat-actor-magecart-coming-to-an-ecommerce-store-near-you/},
language = {English},
urldate = {2019-12-20}
}
Threat Actor "Magecart": Coming to an eCommerce Store Near You magecart |
2018-11-21 ⋅ Bleeping Computer ⋅ Ionut Ilascu @online{ilascu:20181121:magecart:e366b8b,
author = {Ionut Ilascu},
title = {{MageCart Group Sabotages Rival to Ruin Data and Reputation}},
date = {2018-11-21},
organization = {Bleeping Computer},
url = {https://www.bleepingcomputer.com/news/security/magecart-group-sabotages-rival-to-ruin-data-and-reputation/},
language = {English},
urldate = {2019-12-20}
}
MageCart Group Sabotages Rival to Ruin Data and Reputation MageCart |
2018-11-19 ⋅ Bleeping Computer ⋅ Lawrence Abrams @online{abrams:20181119:visiondirect:6c2560e,
author = {Lawrence Abrams},
title = {{VisionDirect Data Breach Caused by MageCart Attack}},
date = {2018-11-19},
organization = {Bleeping Computer},
url = {https://www.bleepingcomputer.com/news/security/visiondirect-data-breach-caused-by-magecart-attack/},
language = {English},
urldate = {2019-12-20}
}
VisionDirect Data Breach Caused by MageCart Attack MageCart |
2018-10-09 ⋅ Bleeping Computer ⋅ Ionut Ilascu @online{ilascu:20181009:magecart:fc6ccf4,
author = {Ionut Ilascu},
title = {{Magecart Group Compromises Plugin Used in Thousands of Stores, Makes Rookie Mistake}},
date = {2018-10-09},
organization = {Bleeping Computer},
url = {https://www.bleepingcomputer.com/news/security/magecart-group-compromises-plugin-used-in-thousands-of-stores-makes-rookie-mistake/},
language = {English},
urldate = {2019-12-20}
}
Magecart Group Compromises Plugin Used in Thousands of Stores, Makes Rookie Mistake MageCart |
2018-09-18 ⋅ Trend Micro ⋅ Joseph C Chen @online{chen:20180918:magecart:af83872,
author = {Joseph C Chen},
title = {{Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites}},
date = {2018-09-18},
organization = {Trend Micro},
url = {https://blog.trendmicro.com/trendlabs-security-intelligence/magecart-skimming-attack-targets-mobile-users-of-hotel-chain-booking-websites/},
language = {English},
urldate = {2020-01-08}
}
Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites magecart |
2018-09-12 ⋅ Bleeping Computer ⋅ Lawrence Abrams @online{abrams:20180912:feedify:7beba8a,
author = {Lawrence Abrams},
title = {{Feedify Hacked with Magecart Information Stealing Script}},
date = {2018-09-12},
organization = {Bleeping Computer},
url = {https://www.bleepingcomputer.com/news/security/feedify-hacked-with-magecart-information-stealing-script/},
language = {English},
urldate = {2019-12-20}
}
Feedify Hacked with Magecart Information Stealing Script MageCart |
2018-09-11 ⋅ Bleeping Computer ⋅ Ionut Ilascu @online{ilascu:20180911:british:392218c,
author = {Ionut Ilascu},
title = {{British Airways Fell Victim To Card Scraping Attack}},
date = {2018-09-11},
organization = {Bleeping Computer},
url = {https://www.bleepingcomputer.com/news/security/british-airways-fell-victim-to-card-scraping-attack/},
language = {English},
urldate = {2019-12-20}
}
British Airways Fell Victim To Card Scraping Attack MageCart |
2018-07-09 ⋅ RiskIQ ⋅ Yonathan Klijnsma, Jordan Herman @online{klijnsma:20180709:inside:e92fff2,
author = {Yonathan Klijnsma and Jordan Herman},
title = {{Inside and Beyond Ticketmaster: The Many Breaches of Magecart}},
date = {2018-07-09},
organization = {RiskIQ},
url = {https://www.riskiq.com/blog/labs/magecart-ticketmaster-breach/},
language = {English},
urldate = {2020-01-12}
}
Inside and Beyond Ticketmaster: The Many Breaches of Magecart magecart |