Published on January 21st, 2020
Written by Swapnil Bhalode, Co-Founder and CTO of Tala Security

Magecart attack

2020 has only begun and Magecart is already back in the headlines. You're almost certainly protecting your websites from attackers, but are you protecting your customers from your website?

Last week, news emerged of a Magecart attack on the popular Focus Camera website. The attack took place last year and involved the use of a skimmer to steal payment card data from customers using the portal. 

Like the infamous British Airways attack, this one involved the use of a domain that closely resembled a legitimate brand or product – in this instance “zdsassets.com”, clearly chosen to look like ZenDesk’s official “zdassets.com”. Malicious JavaScript was injected into the website, allowing the hackers to skim credit card data at the checkout.

How Tala protects against Client-Side Attacks

Tala Security takes a comprehensive approach to securing websites against client-side attacks like the Focus Camera attack. No other solution provides the same breadth of analysis and security coverage, without impacting website performance:

  • Analysis: Tala’s analysis engine continuously interrogates the site architecture, adapting to change and evaluating malicious or suspicious behaviors.
  • Continuous Monitoring: Our AI-driven analysis engine evaluates over 50 unique indicators of a web page’s behavior, to detect anomalous activity within the server, website supply chain or malicious code executing in the user’s browser.
  • Standards-based Security: Tala’s dynamic AI-driven analytics engine works in tandem with our automation engine to activate standards-based security capabilities, including CSP, SRI, Trusted Types and HSTS to protect against a wide range of application-layer attacks such as Magecart, cross-site scripting (XSS), clickjacking, iFrame injection and client-side malware.
  • Administration: Tala’s advanced analytics engine leverages machine-learning to interpret, filter and minimize alert volumes.  This ensures optimal security and streamlined operations and administration.
 
Magecart Attack

 

An example of Tala’s technology in action: Safeguarding against the Focus Camera breach.

Tala automates the deployment of multiple standards-based security capability.  In the case of the Focus Camera breach, multiple facets of this capability set would ensure this attack was defeated:

  • Tala generates and injects SRI hashes into the scripts, which can prevent the execution of the malicious modified scripts altogether. 
  • In certain cases, by design, scripts can’t be hashed – this is when the script doesn’t have CORS enabled. In these cases, Tala would prevent the exfiltration of payment data via CSP.  Tala’s technology auto-generates a very fine-grained Content Security Policy that restricts the app from connecting to unauthorized endpoints, such as “zdsassets.com” used in this attack.

Security that doesn’t impact performance

Again, you’re almost certainly protecting your website from attackers, but are you protecting your customers from your website? 

Tala’s innovative solution ensures that all types of client-side attacks are prevented in real time, without impacting website performance. We do this by automating standards-based security, natively available in every modern browser.  This means no overhead and no impact on website performance. 

Securing websites against this accelerating attack should be an imperative for every website owner. Learn more about how Tala prevents Magecart here.

 

 

Swapnil Bhalode, Co-Founder and CTO of Tala Security
Author

Swapnil Bhalode, Co-Founder and CTO of Tala Security

Swapnil is the Tala’s Chief Technology Officer. Swapnil had over 14 years of experience in researching and building security technologies. Swapnil started his career as a Security Consultant at Ernst & Young, followed by an extensive work in the threat research and response teams at Microsoft, Symantec and Dell. Swapnil holds Master Degree in Computer Science from Syracuse University, and Bachelor’s degree in Computer Engineering from University of Mumbai.

Find Swapnil on LinkedIn

 

Sign up for our Newsletter

Hand-picked security content for security professionals.