{"id":16708,"date":"2019-10-28T10:52:16","date_gmt":"2019-10-28T18:52:16","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/10\/28\/news-10447\/"},"modified":"2019-10-28T10:52:16","modified_gmt":"2019-10-28T18:52:16","slug":"news-10447","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/10\/28\/news-10447\/","title":{"rendered":"VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry"},"content":{"rendered":"

Magecart is an umbrella-term for various groups that engage in placing JavaScript code on e-commerce sites to steal credit card info. Magecart attacks go back almost a decade but it became an infosec household name following some prominent breaches in 2018.<\/p>\n

Magecart is getting a lot of attention from security researchers, and RiskIQ<\/em>‘s Yonathan Klijnsma is probably the most prolific among them. He was one of the authors of a 2018 report <\/a>that detailed the modi operandi of the various Magecart groups.<\/p>\n

\"ecosystem_image1.png\"A rich underground economy exists around all the different steps needed to monetize a breach.<\/span><\/p>\n

At VB2019 in London earlier this month, Yonathan also presented a paper on Magecart in which he looked at some of the more interesting groups and the latest Magecart trends.<\/p>\n

Today we publish Yonathan’s paper in both HTML<\/a> and PDF <\/a>format. We have also uploaded the video of his VB2019 presentation to our YouTube<\/em> channel.<\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n