Blog03 - WAF_ Formjacking

Formjacking

Are you under an invisible attack?

“Who would be interested in stealing data from someone like me?” he said and went on to hit ‘Submit’.  

Are you someone who sighs every time you need to take basic precautions with your online presence? Do you know someone who might ask themselves the question above, or some variation of it? Or did you think only important people and gazillionaires end up on the radar of online predators? 

Think again. 

A recently emerging form of online attack was detected by Symantec and brought to light in its 2018 data security research. Formjacking poses a hidden threat, and it proves deadly precisely because it leaves your login screen looking exactly as it does on any other day. 

Simply put, formjacking occurs when malicious JavaScript code hides behind the perfectly legitimate-looking login form of your favorite web app. In the background, it surreptitiously steals your personal information, while your browser proceeds to the usual landing page of whichever web app you just logged into. 

Think of credit card skimmers, which siphon off your card data as the card is swiped. Formjacking is the virtual equivalent of that attack. Without disrupting your otherwise secure transaction, a formjacked website does its illicit work behind the scenes. Hackers use viruses as the medium for embedding the malicious code into websites; the most targeted are, understandably, banking portals, online shopping services and payment gateways.

F5 Labs’ latest report, based on 760 breach reports, states that this method was to blame for almost three quarters (71 per cent) of all data breaches that happened last year. They believe the entry point for these attackers is the outsourcing by companies of the development of sensitive components of their applications (e.g. shopping carts). A total of 83 such incidents had already been spotted this year, impacting more than a million payment cards. These attacks spanned retail, business services and even manufacturing. You can imagine the sensitive data flowing to and from these types of websites. 

So, what can you do about it? The simple answer would be to refuse to transact over the internet at all. But since that is not practical in this day and age, the one thing you can practice is maximum vigilance. As discussed above, most formjackers use malicious JavaScript code. One way to avoid becoming a target of formjacking is to enable a browser policy against running scripts. Follow the steps listed here. (Different browsers have their own no-script tools.)

Another method is to subscribe to a real-time scanning service, which can protect your browser. 
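On the site operator's side, the outsourced checkout scripts mentioned above are exactly where the injected JavaScript tends to hide. As an added example (not code from the original post or from Logix), the Node.js audit below scans a checkout page's HTML for third-party scripts that are not on the site's allowlist or lack a Subresource Integrity hash, and for forms that post card data to a foreign origin, then prints a Content-Security-Policy that confines scripts and form submissions. The HTML sample and the host names are constructed for illustration.

```javascript
// Constructed sample of a checkout page (hypothetical host names).
const SAMPLE_HTML = `
<html><body>
<script src="/js/app.js"></script>
<script src="https://cdn.example.net/cart.js"
        integrity="sha384-AbCdEf" crossorigin="anonymous"></script>
<script src="https://cdn.example.net/ui.js"></script>
<script src="https://static.example.org/analytics.js"></script>
<form method="post" action="https://collect.example.org/pay">
  <input name="card"><input name="cvv"><button>Submit</button>
</form>
</body></html>`;

// Flags external scripts that are not on the allowlist or lack an SRI hash,
// and forms whose action points at another origin. First-party scripts are
// skipped; the findings come back in document order.
function auditPage(html, pageOrigin, allowedScriptHosts) {
  const findings = [];
  const scriptRe = /<script\b([^>]*)\bsrc=["']([^"']+)["']([^>]*)>/gi;
  let m;
  while ((m = scriptRe.exec(html)) !== null) {
    const src = new URL(m[2], pageOrigin);
    if (src.origin === pageOrigin) continue; // first-party script
    const hasSri = /\bintegrity=["']sha(256|384|512)-/i.test(m[1] + m[3]);
    if (!allowedScriptHosts.includes(src.host)) {
      findings.push({ kind: 'unknown-script', where: src.href });
    } else if (!hasSri) {
      findings.push({ kind: 'script-without-sri', where: src.href });
    }
  }
  const formRe = /<form\b[^>]*\baction=["']([^"']+)["'][^>]*>/gi;
  while ((m = formRe.exec(html)) !== null) {
    const action = new URL(m[1], pageOrigin);
    if (action.origin !== pageOrigin) {
      findings.push({ kind: 'cross-origin-form', where: action.href });
    }
  }
  return findings;
}

// Content-Security-Policy that only lets allowlisted hosts run scripts and
// pins form submissions and fetch/XHR targets to the page's own origin.
function recommendCsp(allowedScriptHosts) {
  return `default-src 'self'; script-src 'self' ${allowedScriptHosts.join(' ')}; ` +
    `connect-src 'self'; form-action 'self'; object-src 'none'`;
}

const allowed = ['cdn.example.net'];
console.log(auditPage(SAMPLE_HTML, 'https://shop.example', allowed));
console.log(recommendCsp(allowed));
```

The audit is a static check of the served HTML only; scripts injected at runtime by an allowlisted script are caught by the CSP, not by the scan.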

Organizations today face growing complexity everywhere: from continuously evolving, automated, targeted cyber threats against the network, applications and programs, to keeping abreast of the most current security patches. Your cyber security should evolve accordingly, with constant patch updates, regular VAPT checks and round-the-clock network health checks.

Logix has been, since 1999, a committed and acknowledged provider of managed services, solutions and products in the cyber security space, with a dedicated team of nearly 20+ professionals supporting business enterprises across PAN India, from banks and government entities to financial institutions. With a strong focus on research and innovation, we have built extensive capability around Big Data for security analytics, response and security automation.

Our prime focus lies in managing and deploying NGFW solutions from multiple OEMs. We manage over 1500+ SMB, mid-enterprise and enterprise customers, providing constant monitoring and hand-holding support 24*7*365. Check out our very own cyber security services, carefully designed for your maximum security.  

  • Keep an eye out for the newer and newer forms of cyber-attacks. When you know better, you can be safer. Happy Web Surfing!
