The Evolution of Magecart Attacks

Presented at BSidesLV 2023, Aug. 8, 2023, 5 p.m. (20 minutes)

The talk provides an overview of the evolution of Magecart attacks and how threat actors have become more sophisticated in their techniques over the years. The main focus of the talk is the attacker side of Magecart attacks, with an emphasis on the techniques used to bypass protections and conceal activities. The talk explores the different methods used by attackers to infiltrate websites, including exploiting vulnerabilities in third-party scripts and supply chain attacks. It covers the various techniques used by attackers to conceal their activities, such as obfuscating JavaScript code, disguising malicious code, using known vendors to inject and exfiltrate data, hiding sensitive information within images through steganography, using unusual methods to send network requests, and more.

Presenters:

• Roman Lvovsky
• Gal Meiri
  I am a Senior Security Research Team Lead at Akamai, leading the security research of our In-Browser Protection solutions. I am a passionate web security researcher with vast research experience in the fields of client-side Javascript and browser capabilities. My main expertise in the field of client-side attacks is hunting and investigation Magecart attacks, financial malware attacks, phishing and bot detection.

Links:

• https://www.bsideslv.org/talks#S9EJCP

Similar Presentations:

• Global AppSec - DC 2019 / Fighting Formjacking and Magecart - Separating fact from fiction
• BSidesSF 2022 Rescheduled / JavaScript Obfuscation - It’s All About the P-a-c-k-e-r-s
• Black Hat Europe 2021 / The Bad Guys Win – Analysis of 10,000 Magecart Vulnerabilities