Threat Intelligence Report: MageCart Malware

Threat intelligence is an elusive concept. Cyber-security vendors have developed numerous definitions for it based upon different procedural viewpoints. As a result, the key concept and principle of threat intelligence is explaining the role it plays within cyber-security and network defence, while offering advice and best practice. This will equip the reader with a basic understanding of the benefits of threat intelligence and the importance of investing effort and resources into responding to it.

A definition of Threat Intelligence:
[It is] evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.

Name of Exploit
MageCart Malware

Type of Exploit
Script injector, credit card stealer, credit card skimmer, personal data scraper, file-less attack.

How Exploit is Spread
The MageCart Malware exploit is spread by injecting a customised script into a company’s online and mobile application system but, through the evolution of scripters, it is also being injected into 3rd party widgets.

Global Risk
High– the exploit is targeting a company’s online and mobile application payment systems. Recently it has been used to target Ticketmaster and British Airways. Due to the exploit targeting online payment systems the risk to your organisation has been categorised as high risk. The recent evolution of the malware has been found to infect a 3rd party tool that is used for collecting feedback and opinions.

Within the Cyber Security community, the impact is high as the exploit not only steals credit card (including the long card number, expiry date and the three-digit CVV security code) details but also personal details such as names and email addresses.

Download the full report

Leave a Reply