Last week on Malwarebytes Labs, we watched and reported on the Colonial Pipeline ransomware attack as developments of its story unfolded….
Tag: Magecart
Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity
This blog post was authored by Jérôme Segura Web skimming continues to be a real and impactful threat to online merchants…
Credit card skimmer piggybacks on Magento 1 hacking spree
Back in the fall of 2020 threat actors started to massively exploit a vulnerability in the no-longer maintained Magento 1 software…
Demystifying two common misconceptions with e-commerce security
Online shopping has seen a dramatic increase in the months following the Covid-19 outbreak as more and more people opt-out of…
Lock and Code S1Ep17: Journalism’s role in cybersecurity with Alfred Ng and Seth Rosenblatt
Most everything about cybersecurity—the threats, the vulnerabilities, the breaches and the blunders—doesn’t happen in a vacuum. And the public doesn’t learn…
Mobile network operator falls into the hands of Fullz House criminal group
Update (2020-10-05): The malicious code has been removed from Boom! Mobile’s website Most victims of Magecart-based attacks tend to be typical…
New web skimmer steals credit card data, sends to crooks via Telegram
The digital credit card skimming landscape keeps evolving, often borrowing techniques used by other malware authors in order to avoid detection….
Inter skimming kit used in homoglyph attacks
As we continue to track web threats and credit card skimming in particular, we often rediscover techniques we’ve encountered elsewhere before….
Credit card skimmer targets ASP.NET sites
Update: 2020-07-09 A reader contacted us with information about this series of attacks on .NET sites. There is a known vulnerability…
Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files
They say a picture is worth a thousand words. Threat actors must have remembered that as they devised yet another way…