Security News > 2020 > June > Magecart Targets Emergency Services-related Sites via Insecure S3 Buckets

Magecart Targets Emergency Services-related Sites via Insecure S3 Buckets
2020-06-09 00:07

Hacking groups are continuing to leverage misconfigured AWS S3 data storage buckets to insert malicious code into websites in an attempt to swipe credit card information and carry out malvertising campaigns.

These virtual credit card skimmers, also known as formjacking attacks, are typically JavaScript code that Magecart operators stealthily insert into a compromised website, often on payment pages, designed to capture customers' card details in real-time and transmit it to a remote attacker-controlled server.

Last July, RiskIQ uncovered a similar Magecart campaign leveraging misconfigured S3 buckets to inject digital credit card skimmers on 17,000 domains.

To mitigate these threats, RiskIQ recommends securing S3 buckets with the right level of permissions, in addition to using Access Control Lists and bucket policies to grant access to other AWS accounts or to public requests.

"Misconfigured S3 buckets that allow malicious actors to insert their code into numerous websites is an ongoing issue," RiskIQ concluded.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/rSl1d3MCvBE/magecart-skimmer-amazon.html