{"id":25424,"date":"2019-02-20T05:01:00","date_gmt":"2019-02-20T05:01:00","guid":{"rendered":"https:\/\/www.darkreading.com\/threat-intelligence\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/d\/d-id\/1333908"},"modified":"2019-02-20T05:01:00","modified_gmt":"2019-02-20T05:01:00","slug":"formjacking-compromises-4800-sites-per-month-could-yours-be-one","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/","title":{"rendered":"&#8216;Formjacking&#8217; Compromises 4,800 Sites Per Month. Could Yours Be One?"},"content":{"rendered":"<header>\n<\/header>\n<p><span class=\"strong black\">Cybercriminals see formjacking as a simple opportunity to take advantage of online retailers &#8211; and all they need is a small piece of JavaScript.<\/span> <\/p>\n<p class=\"\">For a while, it was ransomware. Then it was cryptojacking. Now researchers point to formjacking as the latest threat-of-the-moment and means for hackers to get quick cash.<\/p>\n<p>Cybercriminals have turned to formjacking as ransomware and cryptojacking yield less profit, according to Symantec&#8217;s Internet Security Threat Report (ISTR), Volume 24. Symantec reports it blocked more than 3.7 million formjacking attacks on endpoints in 2018, with nearly one-third of those taking place during November and December as holiday shopping season ramped up.<\/p>\n<p>Formjacking attacks are simple: Cybercriminals input malicious code onto retailers&#8217; websites and lift customers&#8217; payment card details. Conservative estimates indicate they collected tens of millions of dollars last year by using stolen data in credit card fraud or selling consumers&#8217; records on the Dark Web. Ten stolen cards from each compromised website could generate up to $2.2 million total in profit for attackers, Symantec reports. A single card can fetch up to $45 in underground forums.<\/p>\n<p>Kevin Haley, director of security response at Symantec, says formjacking&#8217;s growth is reminiscent of the time ransomware began to spike back in 2012. &#8220;Nobody knew what it was, but we saw this significant growth, and we saw that it would be a big deal moving forward,&#8221; he explains.<\/p>\n<p>Now cybercriminals see formjacking as a simple opportunity to take advantage of online retailers. All they need is a small piece of JavaScript; from there, they can take advantage of a website vulnerability or infect a third-party application the site is using. The rise in formjacking is coupled by an increase in supply chain attacks as hackers use those to get onto target sites.<\/p>\n<p>Magecart is a primary driver of the formjacking trend, Haley says. The threat group was behind several high-profile formjacking attacks in 2018 against targets including Ticketmaster and British Airways. Its attackers <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/ticketmaster-breach-part-of-massive-payment-card-hacking-campaign\/d\/d-id\/1332266\" target=\"_blank\">have infiltrated<\/a> more than 800 e-commerce sites with card skimming software installed on third-party components and services used by the victims.<\/p>\n<p>The British Airways and Ticketmaster attacks made headlines, but Haley says the majority of websites infected with formjacking attacks are for small and midsize businesses (SMBs). Unlike major corporations, SMBs lack the resources to detect and mitigate these types of threats.<\/p>\n<p>&#8220;They become more tempting targets, easier to get on,&#8221; he continues. &#8220;They may not score as much as you would with a large retailer, but you can be there for a long period of time and get a consistent number of credentials and credit card information.&#8221;<\/p>\n<p><strong>Don&#8217;t Worry: Ransomware and Cryptojacking Are Still Here<br \/><\/strong>Formjacking may have spiked, but it hasn&#8217;t completely eclipsed cryptojacking and ransomware. The latter two threats have changed, researchers report, but they haven&#8217;t entirely disappeared.<\/p>\n<p>Data shows ransomware declined 20% overall \u2013 its first drop since 2013 \u2013 but enterprise ransomware increased 12%. More than 80% of all ransomware infections hit businesses. The shift is likely due to a decline in exploit kit activity, researchers report, as this was previously a key channel for ransomware delivery. Most ransomware attacks in 2018 spread via email, which remains the primary communication tool for most organizations.<\/p>\n<p>&#8220;The major propagation and attack method is via email, and it&#8217;s less and less accessible against consumers as they change their habits,&#8221; Haley explains. People are more likely to read emails on their phones than their PCs. Most major ransomware families still target Windows-based computers, making consumers less vulnerable as attacks don&#8217;t execute on smartphones.<\/p>\n<p>And, of course, there&#8217;s the financial factor: &#8220;There&#8217;s a much bigger payday if you get into an enterprise,&#8221; he adds. Consumers may not have the money or willpower to pay attackers for personal files. Businesses are more likely to pay ransom if an attack could shut them down.<\/p>\n<p>Cryptojacking is down but still popular. Last year, Symantec blocked nearly 69 million cryptojacking events, more than four times the amount blocked in 2017. However, researchers detected a 52% drop in cryptojacking events between January and December 2018. During the same time periods, cryptocurrency Monero lost 90% of its value, they explain in the <a href=\"https:\/\/www.symantec.com\/security-center\/threat-report\" target=\"_blank\">newest ISTR report<\/a>.<\/p>\n<p>&#8220;There&#8217;s still money to be made, but it&#8217;s harder,&#8221; says Haley of the threat. &#8220;You have to infect more machines.&#8221; And while cryptojacking is still an easy feat for most attackers, it will become more difficult to make the same amount of money if they need access to more devices. Many of them are targeting businesses, which have larger numbers of more powerful devices.<\/p>\n<p><strong>Related Content:<\/strong><\/p>\n<div readability=\"7.3636363636364\">\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png\" alt=\"\" width=\"360\" height=\"48\"\/><\/p>\n<p><strong>Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry&#8217;s most knowledgeable IT security experts. Check out the <a href=\"https:\/\/www.interop.com\/darkreading\/?_mc=hsad_x_drr_le_tsnr_intplv_x_x-drvplug\" target=\"_blank\">Interop agenda<\/a> here.<\/strong><\/p>\n<\/div>\n<p><span class=\"italic\">Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance &amp; Technology, where she covered financial &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=837\">View Full Bio<\/a><\/span> <\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p> Read More <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/d\/d-id\/1333908?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals see formjacking as a simple opportunity to take advantage of online retailers &#8211; and all they need is a small piece of JavaScript. Read More <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/d\/d-id\/1333908?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-25424","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>&#039;Formjacking&#039; Compromises 4,800 Sites Per Month. Could Yours Be One? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"&#039;Formjacking&#039; Compromises 4,800 Sites Per Month. Could Yours Be One? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-02-20T05:01:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"&#8216;Formjacking&#8217; Compromises 4,800 Sites Per Month. Could Yours Be One?\",\"datePublished\":\"2019-02-20T05:01:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/\"},\"wordCount\":832,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/\",\"name\":\"'Formjacking' Compromises 4,800 Sites Per Month. Could Yours Be One? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\",\"datePublished\":\"2019-02-20T05:01:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/#primaryimage\",\"url\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\",\"contentUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"&#8216;Formjacking&#8217; Compromises 4,800 Sites Per Month. Could Yours Be One?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"'Formjacking' Compromises 4,800 Sites Per Month. Could Yours Be One? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/","og_locale":"en_US","og_type":"article","og_title":"'Formjacking' Compromises 4,800 Sites Per Month. Could Yours Be One? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-02-20T05:01:00+00:00","og_image":[{"url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"&#8216;Formjacking&#8217; Compromises 4,800 Sites Per Month. Could Yours Be One?","datePublished":"2019-02-20T05:01:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/"},"wordCount":832,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/","url":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/","name":"'Formjacking' Compromises 4,800 Sites Per Month. Could Yours Be One? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","datePublished":"2019-02-20T05:01:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/#primaryimage","url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","contentUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/formjacking-compromises-4800-sites-per-month-could-yours-be-one\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"&#8216;Formjacking&#8217; Compromises 4,800 Sites Per Month. Could Yours Be One?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25424","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=25424"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25424\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=25424"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=25424"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=25424"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}