Credit card stealing malware hides in social media sharing icons

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Newly discovered web skimming malware is capable of hiding in plain sight to inject payment card skimmer scripts into compromised online stores.
The malware's creators use malicious payloads concealed as social media buttons that mimic high profile platforms such as Facebook, Twitter, and Instagram.

Credit card skimmers are JavaScript-based scripts injected by Magecart cybercrime groups in the checkout pages of compromised e-commerce sites.
Once loaded on the targeted stores, the scripts automatically harvest payment and personal information submitted by customers and exfiltrate it to servers under the Magecart actors' control.

Novel security scanner evasion tactic​

This new malware was discovered by researchers at Dutch cyber-security company Sansec that focuses on defending e-commerce websites from digital skimming (also known as Magecart) attacks.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top