Internet security group warns against rise of formjacking hack

  • 26/09/2018
A person at a computer.
Photo credit: Getty

An internet security company is warning about the rise of formjacking - a type of hacking on the rise.

The hack involves inserting malicious code into an ecommerce website's javascript platform, which allows criminals to collect information from the forms.

The attack has already happened on a large scale to websites like Ticketmaster or British Airways, where hundreds of thousands of people were affected.

Most of the attacks have come from a group called Magecart. In both instances the hack took advantage of third party software operating on the site.

Norton By Symantec warns it has seen a notable increase in the use of formjacking over the past few months, especially in September.

"Since August 13 we have blocked 248,000 attempts at formjacking - almost a quarter of a million instances," a spokesperson said.

"However, more than one third of those blocks (36 percent) occurred during the past week - from September 13 to 20 - indicating that this activity is increasing."

A graph showing the rise.
A graph showing the rise. Photo credit: Supplied/Norton By Symantec

New Zealand customers may have been affected by the Ticketmaster hack, which affected anyone who bought tickets online between September 2017 and June 23, 2018.

In June the company estimated only 5 percent of its global audience was at risk and in August Westpac NZ took the step of reissuing 30,000 debit and credit cards for the sake of security, NZME reports.