Anatomy of Formjacking Attacks
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Brute Force - T1110
Show in Graph
Common Information
Type Value
UUID cc6cf478-a7af-481d-a062-2fd264e13411
Fingerprint 84111b0b386dd321
Analysis status DONE
Considered CTI value 2
Text language
Published April 27, 2020, 11 p.m.
Added to db Jan. 18, 2023, 10:41 p.m.
Last updated Nov. 17, 2024, 6:31 p.m.
Headline Anatomy of Formjacking Attacks
Title Anatomy of Formjacking Attacks
Detected Hints/Tags/Attributes 46/2/23
Source URLs
Redirection Url
Details Source https://unit42.paloaltonetworks.com/anatomy-of-formjacking-attacks/
URL Provider
Details Provider Source level domain
Details paloaltonetworks.com unit42.paloaltonetworks.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
topps.com
Details Domain 49 
xhr.open
Details Domain 1 
magentoengine.su
Details Domain 5 
xxxxxx.com
Details Domain 1 
myxintad.com
Details Domain 2 
www.cheshirehorse.com
Details Domain 1 
92wear.vn
Details Domain 1 
www.posterburner.com
Details File 46 
microsoft.xml
Details File 5 
stat.js
Details File 1 
elems_all.inc
Details File 17 
content.js
Details File 1 
savedsession.aspx
Details sha256 1 
a79da1f007cfc88e4f8ae13623e2b752d2da03bcf9d51a74ea1fca2e6e6fca14
Details sha256 1 
5775efac071288ff6632056635f285b03bf2ab6d6dee1fd902555e256fe63119
Details sha256 1 
1e4300dff5e0978092102028487c08267b74fb3beef14faa56b0f1a3fbc53ae4
Details sha256 1 
981d0c4d7e1d9249f3c0f59021f02c171233a5259ebda20a671e13d474fb74ec
Details Url 1 
https://magentoengine.su/stat.js
Details Url 1 
https://xxxxxx.com/js/content.js
Details Url 1 
https://myxintad.com/js/content.js
Details Url 1 
https://www.cheshirehorse.com
Details Url 1 
http://92wear.vn
Details Url 1 
https://www.posterburner.com/savedsession.aspx?sid=3daba5c976c3f441ecbf449=