Contact Contact Us

WEEKLY COMMENTS

Formjacking has overtaken ransomware and cryptojacking as the top cyber threat of 2018. Formjacking is the use of malicious JavaScript code to steal payment details from e-commerce checkout pages. This type of web skimming has gained traction in 2018 due to Magecart-style attacks affecting an estimated 4,800 websites monthly. The high attack volume can be attributed to supply chain attacks where third-party service providers such as web analytics and chatbots plugins used at checkout pages are compromised to push malicious scripts downstream to all subscribers. The stolen credit card details are lucrative commodities that can be monetised at underground markets for up to US$45 per records. Cryptomining while still prevalent has seen attack volume reduced in tandem with the dramatic fall in crypto-currencies value in 2018. For ransomware, attack trends have shifted from mass malspam infection to targeted attacks against enterprise networks, where the tendency for pay-out is higher especially when the affected systems are business critical. Such targeted ransomware attacks capitalised on poorly secured remote desktop protocol (RDP) access to gain a foothold in the targeted network coupled with living-off the land techniques for lateral movement within the local network and for downloading and executing payloads. Targeted ransomware attacks have netted SamSam operators almost US$6 million since 2016 while Ryuk operators have earned US$3.7 million since July 2018.

References:
[1] 2019 Internet Security Threat Report

Ensign InfoSecurity Singapore
30A Kallang Place
#08-01
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883