Formjacking attacks affect mainly US, Australia and India

Indian users were third most exposed to Formjacking attacks, after those from US and Australia, according to a recent survey conducted by Symantec. The company announced it has blocked over 2.3 million formjacking attacks all around the world, in the second quarter of this year.

Formjacking is a new dangerous threat and it infects websites by injecting malicious codes. The websites that are mainly vulnerable to this kind of attacks are the ones that involve filling out online forms and credit card details.

“We expect this formjacking trend to continue and expand further to steal all kinds of data from web forms, not just payment card data. This also means that we are likely to see more software supply chain attacks. Unfortunately, formjacking is showing no signs of disappearing any time soon. Therefore, operators of online stores need to be aware of the risk and protect their online presence,” reads the report.

Cybercriminals modify one of the JavaScript files which are loaded with the website. Then, this code alters the behaviour of a selected web process on the infected website, which allows attackers unlawfully obtain credit card data and other information.

Usually, according to the same study, the affected websites stay under its influence for 46 days. The websites of huge companies were attacked using this method, like Feedify, British Airways and Ticketmaster.

“Each month we discover thousands of formjacking infected websites, which generate millions of dollars for the cybercriminals. Consumers often don’t notice that they have become a victim to a formjacking attack as it can happen on a trusted online store with the HTTPS padlock intact. Therefore, it is important to have a comprehensive security solution that can protect you against formjacking attacks,” warned Candid Wueest, Principal Threat Researcher at Symantec.