Wednesday 2 October 12:00 - 12:30, Green room
Yonathan Klijnsma (RiskIQ)
The credit-card-skimming game started with physical skimmers on ATMs and has evolved to memory skimming on point-of-sale terminals. Since 2014, skimmers have successfully been targeting e-commerce platforms at an alarming rate, stealing from consumers shopping in the perceived safety of their own homes. Over the past years, RiskIQ has been publishing details on a set of groups under the umbrella name "Magecart", profiling their attacks on e-commerce businesses from small shops to major online merchants like Ticketmaster and British Airways.
In this talk, we will discuss how the Magecart threat evolved, break down its high-profile attacks in detail, and show how the criminals monetize their plunder. We’ll also explain how their uncanny ability to adapt to their environment and get smarter makes them such a formidable adversary for security teams.
Yonathan Klijnsma is the lead of threat research within RiskIQ and, with the help of RiskIQ's expansive data sets, uncovers and hunts down threats. Both his work and his hobbies focus on threat intelligence in the form of profiling threat actors as well as analysing and taking apart the means by which they perform their digital crimes.
Shusei Tomonaga (JPCERT/CC)
Tomoaki Tani (JPCERT/CC)
Hiroshi Soeda (JPCERT/CC)
Wataru Takahashi (JPCERT/CC)
Alex Hinchliffe (Unit 42, Palo Alto Networks)
Tongbo Luo (JD.com)
Jimmy Su (JD.com)
Kailiang Ying (Syracuse University)
Xinyu Ma (Flappypig Team)
Zhaoyan Xu (Palo Alto Networks)