India Ranks Third in the List of Exposed Countries to Form jacking Attacks

CIOReviewIndia Team | Friday, 04 October 2019, 13:56 IST

CIOReviewIndia TeamAccording to the annual Internet Security threat Report (ISTR) by Symantec, India was the most exposed country to formjacking attacks - malicious JavaScript code - in the first half of this year (2019), just after US and Australia. And, on an average, websites compromised in this way stay infected for 46 days. Formjacking attackers find a way to change one of the JavaScript files being loaded as part of the website. Wherein, this malicious JavaScript code alters the behavior of the targeted web form or process on the compromised website to surreptitiously steal not only payment card data, but also other personal information in the background.

“Each month we discover thousands of formjacking infected websites which generate millions of dollars for the cyber criminals,” highlighted Candid Wueest, Principal Threat Researcher at Symantec. “Consumers often don’t notice that they have become a victim to a formjacking attack as it can happen on a trusted online store with the HTTPS padlock intact. Therefore, it is important to have a comprehensive security solution that can protect you against formjacking attacks.”

According to the report based on the first six months of 2019, it showed that 52 percent of all global formjacking attacks targeted users in the US, while 8.1 percent of the global attacks targeted users in Australia, which is followed by India with nearly 6 percent of global detections of formjacking. 

Symantec has also reported a major uptick in formjacking attacks recently, with publicly reported attacks on the websites of companies including Ticketmaster, British Airways, Feedify and Newegg by a number of groups summarized as Magecart being the most prominent examples.

In formjacking, the attacker almost always tends to make profit from the stolen information, which is not the case in a traditional data breach, where, the motivation of the perpetrator is not always to misuse the data, sometimes they just want to highlight security inadequacies.

Symantec has also stated that they have blocked more than 2.3 million formjacking attacks globally in the second quarter of 2019.

Don't Miss ( 1-5 of 25 )