Cybercriminals are constantly looking for ways to monetize their malicious campaigns as quickly as possible. Targeting retail websites has proven quite profitable, and it’s no surprise that this type of attack, shortly known as formjacking, has been prevalent in 2018.
Meet Formjacking, a Prevalent Threat in 2018
The attack involves the injection of malicious code into the targeted website, allowing attackers tograb customers’ credit card details.
According to a new Symantec report, formjacking has affected an average of 4,800 website per month, and has become a favorite hacking method. More specifically, the cybersecurity firm has blocked more than 3.7 million formjacking attacks against websites in 2018 alone. One third of the campaigns took place during the holiday shopping season, which is not surprising at all.
Victims of formjacking are often small and medium-sized businesses but high profile brands are also targeted. Examples of such companies are British Airways and Ticketmaster.
According to the report, 10 stolen credit cards per compromised website is all it takes “to result in a yield of up to $2.4M per month”. It is noteworthy that with more than 380,000 credit cards stolen, the British Airways attack alone may have made cybercriminals more than $17 million.
Ransomware and Cryptojacking Declined in 2018, but Remain Potent Threats
Cryptojacking and ransomware, on the other hand, declined in 2018. Shortly said, 2018 brought diminishing returns, resulting in lower activity.
For the first time since 2013, ransomware declined, down 20 percent overall, but up 12 percent for enterprises. With a 90 percent plunge in the value of cryptocurrencies, cryptojacking fell 52 percent in 2018. Still, cryptojacking remains popular due to a low barrier of entry and minimal overhead.
Last year also saw challenges in cloud security, plenty of targeted attacks, and IoT hacks, with targeted attack groups increasingly focusing on IoT as a soft entry point. The vulnerable IoT landscape allows criminals to destroy or wipe a device, steal credentials and data, and intercept SCADA communications, the report said.