How to Protect your Systems from the Latest Magecart Malware Attacks
How it works
Security professionals have observed that the two scripts are loaded from domains that change from infection to infection, a tactic cybercriminals use to cover their tracks. All scripts load via HTTPS and the data is extracted via HTTPS. If the checkout form doesn’t collect all the information the hacker wants, Magecart can add input fields to the platform’s checkout form in order to get all that the cybercriminal seeks.
Accessing your risk
As all known attacks have targeted eCommerce platforms that host their own checkout forms, platforms using WePay’s iFrame or embedded checkout are considered low risk. Attacks on iFrames are unlikely because they are easier to detect than a compromise involving a custom UX checkout. Platforms using custom checkout or that have server-to-server integrations in place are strongly encouraged to adhere to and implement the following best practices to mitigate risk of malware infection.
While geared towards platforms using custom checkout or that have server-to-server integrations in place, all platforms are encouraged to align internal security measures with the following best practices for early malware detection and prevention.
- Follow industry best practices such as OWASP Top 10 to enhance the security of your web application.
- Bolster the security of your network and systems and validate them using vulnerability management solutions.
- Implement Multi-Factor Authentication (MFA) for remote access to critical production systems.