Magecart Executed Their Recent Attacks On The Amazon S3 Bucket
Magecart, a well-known hacking group, was behind some highly targeted attacks on websites that use third-party web components. Here is why you need to be on high alert if your website or web app uses third-party web components.
About The Attack
Magecart is a well-known hacking group that has mainly targeted e-commerce websites in the past, especially to steal credit card and other sensitive financial information from users.
A Third Party Attack?
Is Amazon Responsible For Magecart Attacks As A CSP (Cloud Service Provider)?
The breach was not caused by exploiting a vulnerability in Amazon S3 buckets, but by users misconfiguring the buckets, changing permissions, or using third-party teams to handle their cloud services. Misconfigured S3 buckets had been spotted before, but those cases were reported to allow only read permission on the files in the bucket. The Magecart attackers found a way to both read and write the data.
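The read-only versus writable distinction above can be audited from a bucket's ACL and bucket policy. The following is an added example, not code from the original article: it takes both documents as parsed JSON (the ACL in the shape the S3 GetBucketAcl API returns), and the function names, bucket name and sample documents are assumptions constructed for illustration.

```python
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
PUBLIC_GROUPS = {ALL_USERS, AUTH_USERS}
WRITE_ACL_PERMS = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def public_write_acl_grants(acl):
    """ACL permissions that let a public group change objects or the ACL."""
    return sorted(g["Permission"] for g in acl.get("Grants", [])
                  if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS
                  and g.get("Permission") in WRITE_ACL_PERMS)

def _is_public(principal):
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def _is_write(action):
    a = action.lower()  # IAM action names are case-insensitive
    return a in ("*", "s3:*") or a.startswith(("s3:put", "s3:delete"))

def public_write_policy_statements(policy):
    """Sids of Allow statements giving everyone a write action.
    Condition blocks are not evaluated, so a hit means 'review this'."""
    hits = []
    for i, st in enumerate(_as_list(policy.get("Statement", []))):
        if (st.get("Effect") == "Allow" and _is_public(st.get("Principal"))
                and any(_is_write(a) for a in _as_list(st.get("Action", [])))):
            hits.append(st.get("Sid", f"statement[{i}]"))
    return hits

# Constructed sample inputs; bucket name and owner ID are placeholders.
RES = "arn:aws:s3:::example-bucket/*"
SAMPLE_ACL = {"Grants": [
    {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
    {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "WRITE"},
    {"Grantee": {"Type": "CanonicalUser", "ID": "OWNER-ID"}, "Permission": "FULL_CONTROL"},
]}
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": RES},
    {"Sid": "PublicUpload", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:PutObject", "s3:GetObject"], "Resource": RES},
]}

if __name__ == "__main__":
    print(public_write_acl_grants(SAMPLE_ACL), public_write_policy_statements(SAMPLE_POLICY))
```

A public READ grant or a public s3:GetObject statement is not flagged; only grants that let anyone modify objects or the ACL are returned.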
The key to understanding the Magecart attack is that your website and data are no longer safe, because businesses are no longer in control of their websites. Gone are the days when a business alone was responsible for its data, hosted in its own data centers. With the advent of cloud technologies and the growing use of third parties, too many players are responsible for, or in charge of, that data. Hence, any mishap can widely expose all of its sensitive information to adversaries.
How Can These Types of Attacks Be Prevented?
Not all attacks can be prevented, but they can be made more difficult for cyber adversaries to carry out. Since third-party code is not managed and protected by the company, a continuous monitoring and reporting solution, one an enterprise can trust and rely on, is required to detect changes made by your vendors.