Mobile network operator falls into the hands of Fullz House criminal group

The Fullz House threat group has struck again, this time inserting a credit card skimmer into a mobile phone operator and seller.

Read more

Caught in the payment fraud net: when, not if?

Will we be stuck with payment fraud forever? Come with us as we explore what can go wrong, and why you shouldn’t blame yourself if you suffer a loss.

Read more

New web skimmer steals credit card data, sends to crooks via Telegram

Criminals steal payment data from online shoppers by abusing the Telegram instant messaging API, inserting credit card skimming code.

Read more

Credit card skimmer targets ASP.NET sites

This unusual web skimmer campaign goes after sites running Microsoft’s IIS servers with an outdated version of the ASP.NET framework.

Read more

Criminals hack Tupperware website with credit card skimmer

This latest hack from Magecart threat actors was well planned and executed.

Read more

New evasion techniques found in web skimmers

As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.

Read more

A week in security (December 9 – 15)

A roundup of cybersecurity news from December 9 – 15, including smart doorbell concerns, a new credit card skimmer vulnerability, and a deep dive into Ryuk ransomware.

Read more

Hundreds of counterfeit online shoe stores injected with credit card skimmer

A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.

Read more

There’s an app for that: web skimmers found on PaaS Heroku

Cybercriminals are abusing platform-as-a-service (PaaS) cloud provider Heroku to build web skimming apps and steal customer data.

Read more

Skimmer acts as payment service provider via rogue iframe

Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something’s not right when they are redirected to the real (and external) payment form.

Read more

Select your language