CyberNews Briefs

Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets

Threat actors are taking advantage of misconfigured Amazon S3 cloud storage buckets as part of Magecart campaigns, RiskIQ research shows. Magecart is an umbrella term for various criminal groups that attack web shops with the aim of injecting them with card skimming malware.

In addition to targeting websites directly, Magecart hackers have been scanning Amazon S3 in order to find unprotected buckets containing JavaScript files since April of this year. The attackers overwrite JavaScript files in unsecured buckets, adding their card skimming code to the original code. So far, they have already compromised over 17,000 domains this way.

Read more: Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.