Get Permission
Several Magecart groups hide their JavaScript skimmers, phishing domains and other malicious tools behind a bulletproof hosting service called Media Land, according to a report from security firm RiskIQ.
During their investigation, the RiskIQ researchers found that thousands of domains used for JavaScript skimmers, phishing domains and other malicious infrastructure have been registered with Media Land since 2018 using at least two email addresses and other aliases.
The use of these so-called bulletproof hosting services helps to keep the malicious infrastructure used by cybercriminal groups and fraudsters hidden from law enforcement agencies, the report notes.
Jordan Herman, a threat researcher at RiskIQ and one of the authors of the report, notes that bulletproof hosting services, along with other underground services, support a robust ecosystem that allows Magecart groups to thrive.
Get Permission
A recently uncovered payment card skimmer is targeting several large content management systems that support the online checkout pages of dozens of e-commerce sites, according to researchers with Dutch security firm Sansec.
To date, this new skimmer has been found on a dozen online stores checkout pages that are supported by content management systems hosted on platforms from Shopify, BigCommerce, Zen Cart and WooCommerce, according to the report.
These types of payment card skimmers, or JavaScript skimmers, are typically deployed by a cybercriminal organization dubbed by several researchers as Magecart, which is an umbrella term for several separate gangs that use similar techniques and tools to target e-commerce checkout pages to steal credit card information and other data (see: