Cybersecurity researchers at Cyble Research & Intelligence Labs have identified a tweet with a JavaScript skimmer that is mentioned by a security analyst on Twitter.
The Magecart threat group has created this skimmer that mainly steals data related to payments from the Magento website, which is an e-commerce platform.
By exploiting the security flaws in the popular CMS, the operators of Magecart attack the Magento e-commerce websites. By doing so the attackers are able to inject malicious JavaScript into the source code of the website as a result of this exploit.
There is malicious code embedded in the checkout page and payment form of the compromised website which attempts to collect the following payment information:-
There is also a check written into the malicious code which determines that the data is in the right format and displays that information.
An open-source e-commerce platform, Magento is completely based on PHP, and it’s a platform that facilitates the creation of e-commerce websites for programmers.
The Magento card skimming technique exploits vulnerabilities in Magento’s e-commerce software to steal credit cards from customers. While they do so, they are able to access the source code of the website.
According to the report, Once the threat actors have obtained access to the compromised website, they inject malicious JavaScript into it. By doing this, the threat actors track all the payment forms and checkout processes to steal customers’ financial data.
As soon as the JavaScript is executed, it checks for the presence of anti-skimmer features, which prevent the skimmer from detecting it. In this way, it is prevented from loading when the browser is using its dev tool at the same time.
A JavaScript file retrieves the payment information from the victim once they have entered it into the form. Thereafter, the POST method is used in order to send the Base64-encoded data through this method to the URL included in the script.
Following are some of the best cybersecurity practices that we believe to be essential:-
Download Free SWG – Secure Web Filtering – E-book
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…
The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…
A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…
Meta has announced the removal of over 2 million accounts connected to malicious activities, including…
Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…
A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…