New web skimmer targets online stores and records keystrokes to steal customers’ payment data

by homesense

This new skimmer also shows up on platforms that do not permit custom JavaScript.

According to sansec.io, the new type of payment skimmer runs on dozens of stores hosted on BigCommerce, Shopify, Zencart, and WooCommerce. On platforms that do not allow custom JavaScript, the skimmer evades the security by showing a fake payment form to visitors who are browsing or making a payment on the affected site. The skimmer also records the visitors' keystrokes to steal their payment information.

When the visitor finishes filling in the form, an error message pops up and the victim is redirected to the original payment page, so the victim does not notice that their information has been stolen.

sansec.io also said on their site that the skimmer uses programmatically generated exfiltration domains. It keeps a counter and uses base64 encoding to produce a new domain name. The first one was registered on August 31st.

Wherever customers enter their payment details, they are at risk. Merchants should implement measures to actively counter this.
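One way a merchant or SOC could look for such domains in egress or CSP-report hostnames, as an added example that is not from sansec.io or the original post. It assumes the domain label is the base64 encoding of a lowercase name followed by a decimal counter, with padding stripped and case folded by DNS; the article does not give the exact scheme, and `samplekit7` and the `.example` host are constructed sample data.

```python
import base64
import itertools
import re

ALNUM = set(b"abcdefghijklmnopqrstuvwxyz0123456789")
SHAPE = re.compile(r"[a-z]+[0-9]+")    # assumed plaintext: a name, then the counter
PREFIX = re.compile(r"[a-z]*[0-9]*")   # what a partially decoded plaintext may look like

def group_plaintexts(group):
    """Plaintexts that a case-folded base64 group (up to 4 chars) could encode."""
    found = set()
    if len(group) == 1:                 # a single leftover char is never valid base64
        return found
    # DNS folds case, so try every upper/lower combination of the letters.
    cases = [(c, c.upper()) if c.isalpha() else (c,) for c in group]
    for variant in itertools.product(*cases):
        text = "".join(variant)
        raw = base64.b64decode(text + "=" * (-len(text) % 4))
        canonical = base64.b64encode(raw).decode().rstrip("=") == text
        if canonical and all(b in ALNUM for b in raw):
            found.add(raw.decode())
    return found

def looks_generated(label, min_len=8):
    """True if label can be case-folded base64 of name+counter (assumed scheme)."""
    label = label.lower()
    if len(label) < min_len or not (label.isascii() and label.isalnum()):
        return False
    partial = {""}
    for i in range(0, len(label), 4):
        partial = {p + g for p in partial for g in group_plaintexts(label[i:i + 4])
                   if PREFIX.fullmatch(p + g)}
        if not partial:                 # some group cannot decode to name/counter text
            return False
    return any(SHAPE.fullmatch(p) for p in partial)

def flag_hosts(hosts):
    """Hosts whose registrable label (simplified: second-to-last) looks generated."""
    return [h for h in hosts
            if len(h.split(".")) >= 2 and looks_generated(h.split(".")[-2])]

# Constructed sample data: "samplekit7" is an invented plaintext, not a real indicator.
SAMPLE_LABEL = base64.b64encode(b"samplekit7").decode().rstrip("=").lower()
SAMPLE_HOSTS = ["cdn.shopify.com", "www.google-analytics.com",
                "checkout.bigcommerce.com", SAMPLE_LABEL + ".example"]

if __name__ == "__main__":
    print(flag_hosts(SAMPLE_HOSTS))
```

This is a heuristic: ordinary domain names can occasionally pass, so review hits against the store's allowlist of payment and analytics providers before blocking.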
