This credit card skimmer hides in plain sight, quite literally, as it resides inside the metadata of image files.
With confinement measures imposed in many countries, online shopping has soared and with it, credit card skimming, which increased by 26 percent in March.
Criminals set up fraudulent infrastructure that looks like a typical content delivery network—except it isn’t. Behind it hides a credit card skimmer injected into Magento online stores.
A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.
Cybercriminals are abusing platform-as-a-service (PaaS) cloud provider Heroku to build web skimming apps and steal customer data.
Despite the heat, criminals are hard at work stealing credit card data from unaware shoppers. July marks a notable increase in web skimmer attacks over previous months.
We take a look into a Magecart group’s web skimming activities, which are relying on a bulletproof-friendly host in battle-scarred Luhansk, Ukraine to provide cover for their activities, safe from the reach of law enforcement and the security community.