Online retailers face a massive challenge at present to stay afloat amidst the ever-increasing choices available for customers. As if that was not enough, they are now reeling under the problems unleashed by ‘formjacking attacks’! Formjacking attacks are the newest weapons of choice for hackers that are mostly targeted at online retailers. So what is formjacking? What are the various formjacking techniques? How to prevent formjacking attacks? Get all the answers here.
What is Formjacking?
Formjacking attacks are cyber attacks that involve stealing of financial details by using a malicious JavaScript code. The malicious code extracts personal data from the check-out page of the site and sends it to the attacker’s servers. And, which are the online platforms that deal with colossal volumes of financial data? The answer is simple! Online retailing sites, or what is commonly known as e-commerce sites!
Formjacking attacks target nearly 4,800 websites every month on an average!
Formjacking attacks, though not a new technique for hackers, have witnessed a significant increase since August 2018. Among the most notable attacks in the current times are those on British Airways, Newegg, Feedify, and Ticketmaster by a notorious hacker group called Magecart.
How Do Formjacking Techniques Work?
Formjacking is a serious nuisance especially in the current age when e-commerce is booming. Formjacking techniques leverage a malicious JavaScript code. It reads data when a customer selects ‘Submit’ or the like after entering his/her details on the website’s payment form. This enables hackers to extract sensitive data such as payment card details and personal information entered in the form.
Formjacking techniques are similar to card skimmers used in executing payment card frauds by reading the card details. Just that in this case, the JavaScript code acts as the skimmer that extracts financial details from the website.
What Do Cyber Criminals Do with the Stolen Data?
Cyber conmen can misuse the payment card details to make purchases – legal or illegal, or sell this information to other cyber criminals on the dark net.
In fact, cyber criminals can make up to $2.2 million per month by trading the details of just 10 payments cards per website! The formjacking attack on British Airways compromised the details of nearly 380,000 payment cards. This means that the cyber criminals involved may have made a profit of over $17 million!
Does Your Website Stand a Chance of a Compromise?
Formjacking techniques are easier to deploy through a mode called supply chain attack. Wondering what are supply chain attacks? Well, contrary to what it may sound, it is not an attack on a supply chain. Also known as third-party attacks or value-chain attacks, supply chain attacks are common when a third-party has access to your organization’s data. This form of attack involves the infiltration into your organization’s systems through a third-party having access to your data/systems.
So, if you engage third-parties into your business, which is quite a common occurrence, tread cautiously! As a matter of fact, attackers carried out the Ticketmaster formjacking attack using a supply chain attack technique. By gaining access to the website, Magecart attackers injected the code into their payment page.
Remember that you stand the chance of an attack if businesses with access to your network do not have robust cyber security strategies themselves!
Magecart – One of the Most Notorious Hacker Groups in the World
The hacker world is presently dominated by the achievements and proficiencies of the attack group – Magecart. They are notorious and infamous for the latest formjacking attacks on Ticketmaster, British Airways, Newegg and Feedify.
Active since 2005, the group’s core skill lies in embedding web-based card skimmers into websites that extract payment card data and other confidential data from online payment forms.
The Story Behind the Most High-Profile Formjacking Attacks
Attackers are more becoming more and more proficient in effecting formjacking attacks through third-parties linked to the target website.
Take, for instance, the Ticketmaster breach. Megacart attackers first targeted Ticketmaster’s chatbot service provider. Tech firm, Inbenta, managed the chatbot services for customer support on Ticketmaster’s website. Following the compromise of the chatbot, the attackers then altered the JavaScript code on Ticketmaster’s website enabling the capture of users’ payment card details and transmission to their servers.
The attack on British Airways is also one of the most high-profile formjacking attacks in recent times. The attack compromised the confidential details of nearly 380,000 passengers and was well masked by Megacart attackers to avoid detection. One of the techniques in use was to purchase SSL certificates and set up spoofed web domains to give a genuine impression of the company.
How Can You Protect Your Website from Formjacking Attacks?
Formjacking attacks are quite tricky to identify. Often, the victim may not even be aware of the website compromise as it continues to work normally. Therefore, having cognizance of such attacks and robust cyber security measures can help in keeping formjacking attacks at bay.
Here are some tips on how to prevent formjacking attacks.
1. Maintain Maximum Privacy When Developing or Making Changes to Your Website
Make sure that you develop the codes for your website and web applications in the most private and secure environment. Try using small test environments to test new software updates.
2. Scan Your Website Regularly for Vulnerabilities
Deploy ‘white hat hacker’ teams and/or robust vulnerability services to scan your website regularly and identify loopholes and suspicious codes. Conduct website and network penetration tests at regular intervals to keep bad actors from gaining access to your websites.
3. Ensure That Your Third-Parties Use Robust Cyber Security Measures
As stated in the preceding sections, having a sound cyber security for your organization is not adequate. You also need to ensure that third-parties having access to your website and business-critical information are equally protected.
4. Monitor Outbound Traffic
It is also a good measure to monitor your website’s outbound traffic using strong firewalls and other security measures. It will keep you apprised if the traffic is channelized in a direction that appears suspicious.
Unfortunately, formjacking attackers are getting proficient and sophisticated by the day. They are now able to pull off such attacks with greater finesse as they also inject a secondary code that looks out for debugger tools on the website. This means that they know how to watch out for those cops while doing the burglary!
Incognito Forensic Foundation (IFF Lab) – A Step Ahead in Keeping the Nation Cyber Safe
Incognito Forensic Foundation or IFF Lab is a private digital and cyber forensics laboratory in Bangalore. Its state-of-the-art digital forensics lab houses advanced digital and cyber forensics tools and equipment. Additionally, its repertoire of the best-in-class forensics experts and cyber security professionals enables IFF Lab to stay a step ahead of the other players in this domain.
IFF Lab offers a multitude of cyber and digital forensics services such as fraud investigations, risk assessment, data protection, and information security etc. It also offers training to law enforcement agencies, educational institutions, and corporate on various cyber security measures.
Contact IFF Lab for Cybersecurity Assistance and Consultation.
Related Posts
December 27, 2019
Importance of Digital Forensics in India
December 14, 2019
6 Types of Hackers
November 8, 2019
List of 15 Most Powerful Forensic Tools
October 22, 2019
Top 5 Tips to Identify a Phishing Email
September 30, 2019
The 5 Latest Cyber Security Technologies for Your Business
September 2, 2019
A Handy Guide on How to Report Online Harassment of Women
January 4, 2019
The World of Deepfakes – How can Deepfakes Impact Elections?
December 21, 2018
What is Cyber Insurance? Do you Need Cyber Insurance?
November 20, 2018
The 5 Biggest Data Breaches of 2018
November 9, 2018
Prospects of an Ethical Hacking Career in India
October 25, 2018
Top 5 Types of Cybercrimes – Tips for Cybercrime Prevention
September 15, 2018
8 Handy Tips to Avoid Mobile Phone Scams Like a Pro
September 6, 2018
Be Aware of Olx Scams – Tips to Buy Safely on Olx
August 31, 2018
The Latest Weapon of Online Child Abuse – The Momo Challenge
August 18, 2018
Hard Drive Data Recovery – Top Causes of Hard Drive Crash
May 31, 2018
Your Quick Guide to the Cyber Laws in India
May 16, 2018
How Safe Are Voice Activated Assistants?
May 2, 2018
Busting the Myths About Facebook’s Data Use
April 24, 2018
How to File a Cyber Crime Complaint in India
April 11, 2018
How to Avoid and What to Do After a Data Breach?
April 3, 2018
5 unbelievable things that can get hacked!
March 21, 2018
7 Major Causes of a Data Breach
March 14, 2018
The 10 Basic Steps of Forensic Photography
March 5, 2018
Cyberwarfare – The new-age warfare
February 16, 2018
10 things that hackers can do by hacking into your smartphone
February 6, 2018
5 Infamous Cases Solved Using Early Forensics
January 24, 2018
Why Cyber Security should be Digital India’s foremost priority
January 19, 2018
All that you need to know about Forensic Photography
December 29, 2017
How Forensic Science has Evolved Over Time
December 20, 2017
Thinking of which career to choose? How about Forensic Science?
December 10, 2017
How Fake News is the trending & booming dark net business
December 1, 2017
Top 10 cyber crimes in the history of cyber attacks
November 23, 2017
Seeking a Partner Online? Ensure your safety with these tips
November 17, 2017
Beware! Dating someone? Are you sure about your partner?
November 13, 2017
How healthcare IoT is vulnerable to cyber security threats
November 7, 2017
5 things a student should know about an Advance Fee Scam
November 6, 2017