Jscrambler researchers found a skimming campaign using unique JavaScript obfuscation with accented characters to hide a skimmer named Mongolian Skimmer. Jscrambler researchers uncovered a skimming campaign using unique JavaScript obfuscation with accented characters to hide a skimmer dubbed ‘Mongolian Skimmer.’ The attackers used unusual Unicode characters for variables and function names. The skimmer was named […]
Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have exploited a critical Adobe Commerce vulnerability, tracked as CVE-2024-34102Â (aka CosmicSting, CVSS score of 9.8), to compromise more than 4,000 e-stores over the past three months. The flaw is an Improper Restriction […]
A new e-skimmer called Caesar Cipher Skimmer is used to compromise multiple CMS, including WordPress, Magento, and OpenCart. Sucuri researchers discovered a new e-skimmer, called Caesar Cipher Skimmer, that was used in recent weeks to target users of e-stores based on popular CMS, including WordPress, Magento, and OpenCart. Over the past several weeks, the experts […]
Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observed threat actors using a PHP snippet WordPress plugin to install malicious code in WooCommerce e-stores and harvest credit card details. In the campaign spotted by the experts, attackers use a very obscure […]
Retail giant Target is going to open-source an internal tool, dubbed Merry Maker, designed to detect e-skimming attacks. Retail giant Target announced the release in open-source of an internal tool, dubbed Merry Maker, designed to detect e-skimming attacks. Merry Maker is a tool designed by Target security developers Eric Brandel and Caleb Walch (@ebrandel and @cawalch) to […]
Security experts from Sucuri analyzing a software skimmer that is abusing its brand name in order to evade detection. Researchers at Sucuri analyzed a software skimmer that is using their brand name in order to evade detection. The e-skimmer is a base64-encoded JavaScript blob that attackers inject into target webpages. During a routine investigation, the […]
Researchers observed a new tactic adopted by Magecart groups, the hackers used Telegram to exfiltrate stolen payment details from compromised websites. Researchers from Malwarebytes reported that Magecart groups are using the encrypted messaging service Telegram to exfiltrate stolen payment details from compromised websites. Attackers encrypt payment data to make identification more difficult before transferring it […]
North Korea-linked Lazarus APT has been stealing payment card data from customers of large retailers in the U.S. and Europe for at least a year. Sansec researchers reported that North Korea-linked Lazarus APT group has been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year. […]
Malwarebytes experts observed crooks hiding a software skimmer in the EXIF metadata of an image that was surreptitiously loaded by compromised online stores. While investigating a Magecart attack, experts found an e-skimmer code hidden in the EXIF metadata of an image file and surreptitiously loaded by compromised online stores. The malicious script detected by the […]
Security researchers at Kaspersky uncovered a web skimming campaign leveraging Google Analytics service to steal user data. Recently, researchers at Kaspersky identified several web skimming attacks that abused Google Analytics service to exfiltrate data stolen with an e-skimmer software. Threat actors exploit the trust in Analytics to bypass Content Security Policy (CSP) using the Analytics API. […]