The Bad Guys Win – Analysis of 10,000 Magecart Vulnerabilities

Magecart is the common name for an attack in which hackers compromise 3rd party Javascript code to steal information from web-applications or websites that incorporate the code.Over the last two years, we monitored the web for vulnerabilities in online infrastructures that enable Magecart attacks or are leveraged in Magecart attacks. Our research also included monitoring additional methods to abuse third-party scripts and bypass the various defense mechanisms that have been put in place to stop these attacks. During this research, we encountered tens of thousands of vulnerable assets, including those owned by governments and global enterprises...

By: Nethanel Gelernter

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-21/briefings/schedule/#the-bad-guys-win--analysis-of--magecart-vulnerabilities-24806
Web design
Be the first to comment