Retail hacking is no new phenomenon, although it has increased in frequency over the last few years. In fact, retailers experienced…
Tag: web skimmers
New evasion techniques found in web skimmers
For a number of years, criminals have been able to steal credit card details from unaware online shoppers without attracting too…
Hundreds of counterfeit online shoe stores injected with credit card skimmer
There’s a well-worn saying in security: “If it’s too good to be true, then it probably isn’t.” This can easily be…
There’s an app for that: web skimmers found on PaaS Heroku
Criminals love to abuse legitimate services—especially platform-as-a-service (Paas) cloud providers—as they are a popular and reliable hosting commodity used to support…
Web skimmer phishes credit card data via rogue payment service platform
Heading into the holiday shopping season, we have been tracking increased activity from a threat group registering domains for skimming and…
The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT
This blog post was authored by Jérôme Segura, William Tsing, and Adam Thomas. In a previous post, we described the possible…
Magecart criminals caught stealing with their poker face on
Earlier in June, we documented how Magecart credit card skimmers were found on Amazon S3. This was an interesting development, since…
No summer break for Magecart as web skimming intensifies
This summer, you are more likely to find the cybercriminal groups Magecart client-side rather than poolside. Web skimming, which consists of…
No man’s land: How a Magecart group is running a web skimming operation from a war zone
Our Threat Intelligence team has been monitoring the activities of a number of threat actors involved in the theft of credit…
Magecart skimmers found on Amazon CloudFront CDN
Update (06-08-2019): The compromises of Amazon S3 buckets continue and some large sites are being affected. Our crawler spotted a malicious…