Formjacking is a type of malware that hackers use to exploit vulnerabilities in third-party services and connections within an application's infrastructure. As server-side security continues to improve, cybercriminals are seeking new entry points, leading to the rise of formjacking. This malicious technique involves infecting web forms via third-party providers, allowing hackers to steal sensitive user information such as ID numbers, addresses, or credit card details. The method has seen a significant increase in popularity among hackers, with one report noting a 78% surge in this type of attack. In fact, two-thirds of companies have experienced a supply chain attack, often initiated through formjacking.
Several significant formjacking attacks have occurred over the past few years. In 2018, hackers used formjacking to steal payment card data from 380,000 British Airways customers by embedding malicious scripts on the baggage claim information page of the airline’s website. These scripts collected data from visitors and relayed it back to the hackers' server. More recently, in January 2023, a massive formjacking attack compromised one of Canada's largest beverage retailers, highlighting the ongoing threat posed by this type of cybercrime.
Despite organizations' best efforts to protect their application environments and customers' personal data, traditional Web Application Firewalls (WAFs) often prove inadequate against formjacking. However, emerging technologies like real-user behavioral detection offer a promising defense. This technology protects websites from JavaScript threats, including web skimming, formjacking, and Magecart attacks. Nevertheless, the escalating sophistication of these attacks underscores the need for continuous innovation in cybersecurity measures.