JavaScript Skimmers, Formjacking and Magecart - All You Need to Know

Explore the world of JavaScript skimmers, formjacking, and Magecart in this comprehensive 51-minute conference talk from RSA Conference. Delve into the tactics used by attackers to steal valuable user data from websites, with Symantec Threat Researcher Candid Wueest as your guide. Gain insights into blocking nearly one million such attacks monthly, and learn step-by-step how to protect your infrastructure from compromise and potential hefty fines. Discover the typical formjacking sequence, witness a live demo, and understand various infection methods, script activation techniques, and data exfiltration processes. Examine formjacking toolkits, discuss challenges in mitigation, and acquire practical tips to safeguard your systems. Suitable for those with a general understanding of HTTP requests and HTML pages, this talk equips you with essential knowledge to combat this prevalent cybersecurity threat.

Intro
Typical Formjacking Sequence
Formjacking Demo ... let's go shopping
Formjacking Incidents
Formjacking Detections and Infections
Get the Script onto the Server Own vulnerable infrastructure
Many Ways to Inject the Script • Directly in the HTML/PHP with a tag . Link to a remote server, e.g.
Script Activation Script is only activated if keyword is found, e checkout and if there is a web form Method Description
Gathering the Data
Exfiltrating Data
Easy to Use» Formjacking Toolkits
Not Always Easy to Help
Mitigation Tips
Summary - Formjacking - JavaScript Skimmers
Apply Slide - Formjacking
RSAConference 2020