A digital skimming solution has been described as “one of the most prolific and impactful parts of the Magecart ecosystem.”
Reportedly used by several different Magecart actors,
research by RiskIQ into the Inter skimmer found it had been used to steal payment data since late 2018, affecting around 1500 sites. [...]
RiskIQ said the main variations it has observed between variants of the Inter skimmer is increased use of sophisticated obfuscation, which is a trend among skimmers in general. “The Inter kit includes the ability to integrate an obfuscation service if the actor has access to an API key,” it said.
“Throughout our tracking of this skimmer we continue to see a wide variance in the amount of obfuscation employed. Some implementations use clear skimming code, while others employ encrypted obfuscation to try to hide their activity.”
“Since the Inter kit is licensed out to many different actors, we cannot say whether these activities are definitely connected to Sochi,” it said. “Still, we do know that the Inter kit is part of an ever-growing web of malicious activity.”
