Episode
52: Magecart
51:17
Published: Tue Nov 26 2019
Description
Credit card skimming is growing in popularity. Gas pumps all over are seeing skimmers attached to them. It’s growing in popularity because it’s really effective. Hackers have noticed how effective it is and have began skimming credit cards from websites. Guest Thanks to Yonathan Klijnsma from RiskIQ. Sponsors This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2019 to get a $20 credit on your next project. Support for this episode comes from Honeybook. HoneyBook is an online business management tool that organizes your client communications, bookings, contracts, and invoices – all in one place. Visit honeybook.com/darknet to get 50% off your subscription. This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo. Visit darknetdiaries.com for full show notes and transcripts. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Chapters
Two men were given stolen credit cards by Carlos to purchase multiple prepaid visa gift cards worth $200 each.
00:00 - 04:47 (04:47)
Summary
Two men were given stolen credit cards by Carlos to purchase multiple prepaid visa gift cards worth $200 each. Carlos wrote around 50 credit cards to blank cards and sent the men to Washington state to try and cash them out.
Episode52: Magecart
PodcastDarknet Diaries
Brave's browser allows for advanced web crawling techniques while maintaining user privacy.
04:47 - 11:07 (06:20)
Summary
Brave's browser allows for advanced web crawling techniques while maintaining user privacy. By utilizing the browser's features, users can be informed about the security risks and vulnerabilities of websites they visit.
Episode52: Magecart
PodcastDarknet Diaries
In 2015, hackers infiltrated websites running Magento and placed JavaScript into the checkout section to make copies of any credit cards entered on that page, providing hackers with copies of credit card information.
11:07 - 18:11 (07:03)
Summary
In 2015, hackers infiltrated websites running Magento and placed JavaScript into the checkout section to make copies of any credit cards entered on that page, providing hackers with copies of credit card information. The script executed when payment submission forms were used to submit payment data.
Episode52: Magecart
PodcastDarknet Diaries
The British Airways data breach resulted in the theft of customer information, including name, address, email address, credit card number, expiration date, and security code.
18:11 - 24:17 (06:06)
Summary
The British Airways data breach resulted in the theft of customer information, including name, address, email address, credit card number, expiration date, and security code. Customers who made a booking or changed a booking between certain dates using a credit or debit card should contact their bank as a precautionary measure.
Episode52: Magecart
PodcastDarknet Diaries
The credit card details of 380,000 customers of British Airways were affected in a web skimming attack by the Magecart hacking group.
24:17 - 29:50 (05:33)
Summary
The credit card details of 380,000 customers of British Airways were affected in a web skimming attack by the Magecart hacking group. The attack was carried out by addling a small snippet of code to a JavaScript library, allowing the cybercriminals to grab the payment details of customers purchasing tickets from the airline's website.
Episode52: Magecart
PodcastDarknet Diaries
The team discovered a large skimming site and wanted to conduct further research before reaching out to the site.
29:50 - 35:51 (06:00)
Summary
The team discovered a large skimming site and wanted to conduct further research before reaching out to the site. They also observed that the checkout process on the site was more complex compared to others.
Episode52: Magecart
PodcastDarknet Diaries
When large scale credit card theft occurs, thieves can't easily cash out on all the cards, as using them for large purchases risks getting caught and going to jail.
35:51 - 42:03 (06:11)
Summary
When large scale credit card theft occurs, thieves can't easily cash out on all the cards, as using them for large purchases risks getting caught and going to jail.
Episode52: Magecart
PodcastDarknet Diaries
The implementation of Content Security Policy (CSP) headers can prevent web skimming attacks by isolating payment data entry points and blocking unauthorized data transfers to remote servers.
42:03 - 50:03 (08:00)
Summary
The implementation of Content Security Policy (CSP) headers can prevent web skimming attacks by isolating payment data entry points and blocking unauthorized data transfers to remote servers. This method also helps to identify and avoid bulletproof and criminal hosters that facilitate web skimming attacks.
Episode52: Magecart
PodcastDarknet Diaries
Online credit card skimming will continue until security improves.
50:03 - 51:23 (01:19)
Summary
Online credit card skimming will continue until security improves. This episode pays tribute to Jonathan Kleinsmama, a researcher who spent his last days fighting cancer.