What are its common features?
1. Stores values inside of variables - e.g. storing customers names
2. Operations on pieces of text (strings in programming) - You can take the string ‘New Player’ and link it with the [name] variable to create a text label e.g. “New Player Ben”.
3. Running code in response to certain events that happens on your webpage - e.g. allow events to be updated when a website visitor clicks on a certain element
4. Autocomplete - Completes data, e.g. in contact forms, for you
5. Playing Audio and Visual
6. Repairing browser compatibility issues.
Magecart - a persistent threat
Magecart is a group of malicious hackers who target eCommerce sites and steal customer payment card data.
The best proactive measure against a magecart attack is preventing access.
The most (in)famous case
On September 6th, we saw a skimming attack hit a massive corporation. The attack saw the whole website affected, as well as data loss of 380,000 individual’s personal information. The attackers gained entry to the site through the company’s web server, and injected malicious code to extract customers data.
Not only does suffering from a data breach cause massive disruption throughout your company, it can also destroy your company's reputation which ultimately will affect future sales.
The company was ordered to pay a total of around £183 million, they also had the harrowing task of emailing all affected customers explaining their data had been lost.
How to avoid this type of attack?
Nowadays, security is just as fundamental as engagement to the success of a website. We recommend checking your environment daily, to keep you safe from a breach. This includes:
- Reviewing code in order to identify potential coding vulnerabilities
- Use of vulnerability security assessment tools to test web applications for vulnerabilities
- Audit logging and reviewing logs and security events for all system components to identify anomalies or suspicious activity
- Use of file-integrity monitoring or change-detection software
- Including the reviewing of these results
- Performing internal and external network vulnerability scans
- Performing period penetration testing to identify security weaknesses
If you don’t have a dedicated individual or team to do this, we highly suggest that you implement a security solution which can monitor your cyberspace for you and provide you with a detailed report of any suspicious activity.
and see if it your site has been breached.
Would like to know more?
Get in touch with us or with our cybersecurity partner Foregenix