How secure are your online payments? In the fourth episode of SwigCast, we tackle card skimmers and the evolution of Magecart



Click play to listen now. Also available on SoundCloud and all major podcast platforms

Magecart has become a household name in card skimming tactics, posing an evolving threat to e-commerce sites and spawning numerous cybercrime groups with varying levels of sophistication.

First identified in 2015 by researcher Willem de Groot, Magecart has grown to be responsible for multiple high-profile breaches, including those at Ticketmaster, British Airways, and Vision Direct.

In less than five years, Magecart-based cybercrime campaigns have compromised at least 6,000 individual websites, according to a joint analysis by RiskIQ and Flashpoint.

Magecart was initially the work of one threat group, but the 2018 report by the cybersecurity firms identified at least seven gangs that were using the software.

As the number of cybercriminal groups operating under the Magecart umbrella has increased, the skimmer itself has evolved.

For example, in addition to the typical victims of online payment sites and their third-party suppliers, attackers were recently caught targeting improperly configured Amazon S3 buckets,

In the fourth episode of SwigCast, we sat down with Terry Bishop, technical director at RiskIQ, to discuss the evolution of Magecart, the skimmer’s ongoing use by cybercrime gangs, and where the responsibility lies for consumer protection.


Additional reporting by John Leyden.


SwigCast is a regular podcast that puts a variety of infosec topics under the microscope. Catch up and listen to previous episodes

