The idea, in a nutshell, is to breach vulnerable legitimate sites and use them to host web skimmer code, thereby leveraging the good reputation of the genuine domains to their advantage.
This attack included the exploitation of Magento, WooCommerce, WordPress, and Shopify, demonstrating the growing variety of vulnerabilities and abusable digital commerce platforms, Lvovsky said.
The attackers used two different types of skimmer codes — one with an obfuscated version and other variants — to gain access to payment details stored in plaintext on compromised websites.
Payment details were exfiltrated by sending an encoded string over an HTTP request to an actor-controlled server.
Several tricks were used to conceal the malicious code and to load it into third-party services such as Google Tag Manager or Facebook Pixel.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply