HackDig : Dig high-quality web security articles

Credit card skimmer evades Virtual Machines

This blog post was authored by Jérôme Segura There are many techniques threat actors use to slow down analysis or, even better, evade detection. Perhaps the most popular method is to detect virtual machines commonly used by security researchers and sandboxing solutions. Reverse engineers are accustomed to encountering code snippets that check certain r
Publish At:2021-11-03 14:11 | Read:666 | Comments:0 | Tags:Threat Intelligence Magecart magento online shopping skimmer

q-logger skimmer keeps Magecart attacks going

This blog post was authored by Jérôme Segura Although global e-commerce is continuing to grow rapidly, it seems as though Magecart attacks via digital skimmers have not followed the same trend. This is certainly true if we only look at recent newsworthy attacks; indeed when a victim is a large business or popular brand we typically are more likely to reme
Publish At:2021-10-19 18:06 | Read:708 | Comments:0 | Tags:Threat Intelligence Magecart q-logger skimmers

The many tentacles of Magecart Group 8

This blog post was authored by Jérôme Segura During the past couple of years online shopping has continued to increase at a rapid pace. In a recent survey done by Qubit, 70.7% of shoppers said they increased their online shopping frequency compared to before COVID-19. Criminals gravitate towards opportunities, and these trends have made digital skimmin
Publish At:2021-09-13 15:15 | Read:1172 | Comments:0 | Tags:Threat Intelligence Magecart skimmers

Lil’ skimmer, the Magecart impersonator

This blog post was authored by Jérôme Segura A very common practice among criminals consists of mimicking legitimate infrastructure when registering new domain names. This is very true for Magecart threat actors who love to impersonate Google, jQuery and many other popular brands. In this post we look at a skimmer recently disclosed by security researc
Publish At:2021-06-28 14:24 | Read:724 | Comments:0 | Tags:Cybercrime lil' skim Magecart skimmers web skimmers

Lock and Code S1Ep17: Journalism’s role in cybersecurity with Alfred Ng and Seth Rosenblatt

Most everything about cybersecurity—the threats, the vulnerabilities, the breaches and the blunders—doesn’t happen in a vacuum. And the public doesn’t learn about those things because threat actors advertise their exploits, or because companies trumpet their lackluster data security practices. No, we often learn about cybersecurity issues because of
Publish At:2020-10-12 13:05 | Read:1591 | Comments:0 | Tags:Podcast ai software disinformation fullz house healthcare im

Inter skimming kit used in homoglyph attacks

As we continue to track web threats and credit card skimming in particular, we often rediscover techniques we’ve encountered elsewhere before. In this post, we share a recent find that involves what is known as an homoglyph attack. This technique has been exploited for some time already, especially in phishing scams with IDN homograph attacks. Th
Publish At:2020-08-06 16:20 | Read:1918 | Comments:0 | Tags:Threat analysis credit card skimming homoglyph Inter kit Mag

Is Your Chip Card Secure? Much Depends on Where You Bank

Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented th
Publish At:2020-07-30 15:20 | Read:1482 | Comments:0 | Tags:All About Skimmers Latest Warnings The Coming Storm chip car

Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files

They say a picture is worth a thousand words. Threat actors must have remembered that as they devised yet another way to hide their credit card skimmer in order to evade detection. When we first investigated this campaign, we thought it may be another one of those favicon tricks, which we had described in a previous blog. However, it turned out to be diff
Publish At:2020-06-25 16:41 | Read:1861 | Comments:0 | Tags:Threat analysis EXIF Magecart metadata skimmers skimming

Online credit card skimming increased by 26 percent in March

Criminals are known to take advantage of events that capture people’s attention. This is true for any kind of attack that relies on social engineering, such as the phishing emails exploiting the Covid-19 pandemic. Certain events such as the current crisis not only get the attention of threat actors but they also lead to changes in habits. Case in po
Publish At:2020-04-08 13:53 | Read:2132 | Comments:0 | Tags:Cybercrime coronavirus covi Magecart shopping skimmers skimm

Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server

Threat actors love to abuse legitimate brands and infrastructure—this, we know. Last year we exposed how web skimmers had found their way onto Amazon’s Cloudfront content delivery network (CDN) via insecure S3 buckets. Now, we discovered scammers pretending to be CDNs while exfiltrating data and hiding their tracks—another reason to keep watchful eye o
Publish At:2020-02-26 13:26 | Read:2097 | Comments:0 | Tags:Threat analysis cdn content delivery network credit card dat

Hundreds of counterfeit online shoe stores injected with credit card skimmer

There’s a well-worn saying in security: “If it’s too good to be true, then it probably isn’t.” This can easily be applied to the myriad of online stores that sell counterfeit goods—and now attract secondary fraud in the form of a credit card skimmer. Allured by great deals on brand names, many people end up buying products on
Publish At:2019-12-10 16:50 | Read:2363 | Comments:0 | Tags:Threat analysis counterfeit credit card fraud Magecart shoes

There’s an app for that: web skimmers found on PaaS Heroku

Criminals love to abuse legitimate services—especially platform-as-a-service (Paas) cloud providers—as they are a popular and reliable hosting commodity used to support both business and consumer ventures. Case in point, in April 2019 we documented a web skimmer served on code repository GitHub. Later on in June, we observed a vast campaign where skimming
Publish At:2019-12-04 16:50 | Read:2861 | Comments:0 | Tags:Web threats app apps credit card heroku Magecart paas skimme

Magecart Group 4: A link with Cobalt Group?

Note: This blog post is a collaboration between the Malwarebytes and HYAS Threat Intelligence teams. Magecart is a term that has become a household name, and it refers to the theft of credit card data via online stores. The most common scenario is for criminals to compromise e-commerce sites by injecting rogue JavaScript code designed to steal any informa
Publish At:2019-10-04 11:20 | Read:3003 | Comments:0 | Tags:Threat analysis carbanak colbalt group credit cards data the

Cyber crooks focus on the future as ATM Biometric Skimmers go on Sale

Kaspersky Lab presented an investigation on the future of ATM Biometric Skimmers and how cybercriminals could exploit them. A recent investigation by Kaspersky Labs reports that a number of underground sellers are offering skimmers, which have the capability of stealing users biometric data such as fingerprints. A number of others are researching iris scanni
Publish At:2016-09-24 09:50 | Read:6213 | Comments:0 | Tags:Breaking News Cyber Crime Hacking banking biometrics Cybercr

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3