HackDig : Dig high-quality web security articles for hackers

Inter skimming kit used in homoglyph attacks

As we continue to track web threats and credit card skimming in particular, we often rediscover techniques we’ve encountered elsewhere before. In this post, we share a recent find that involves what is known as an homoglyph attack. This technique has been exploited for some time already, especially in phishing scams with IDN homograph attacks. Th
Publish At:2020-08-06 16:20 | Read:356 | Comments:0 | Tags:Threat analysis credit card skimming homoglyph Inter kit Mag

Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files

They say a picture is worth a thousand words. Threat actors must have remembered that as they devised yet another way to hide their credit card skimmer in order to evade detection. When we first investigated this campaign, we thought it may be another one of those favicon tricks, which we had described in a previous blog. However, it turned out to be diff
Publish At:2020-06-25 16:41 | Read:247 | Comments:0 | Tags:Threat analysis EXIF Magecart metadata skimmers skimming

Online credit card skimming increased by 26 percent in March

Criminals are known to take advantage of events that capture people’s attention. This is true for any kind of attack that relies on social engineering, such as the phishing emails exploiting the Covid-19 pandemic. Certain events such as the current crisis not only get the attention of threat actors but they also lead to changes in habits. Case in po
Publish At:2020-04-08 13:53 | Read:638 | Comments:0 | Tags:Cybercrime coronavirus covi Magecart shopping skimmers skimm

Criminals hack Tupperware website with credit card skimmer

On March 20, Malwarebytes identified a targeted cyberattack against household brand Tupperware and its associated websites that is still active today. We attempted to alert Tupperware immediately after our discovery, but none of our calls or emails were answered. Threat actors compromised the official tupperware[.]com site—which averages close to 1 millio
Publish At:2020-03-25 14:34 | Read:665 | Comments:0 | Tags:Hacking credit card Magecart skimmer skimming steganography

Rocket Loader skimmer impersonates CloudFlare library in clever scheme

Fraudsters are known for using social engineering tricks to dupe their victims, often times by impersonating authority figures to instill trust. In a recent blog post, we noted how criminals behind Magecart skimmers mimicked content delivery networks in order to hide their payload. This time, we are looking at a far more clever scheme. This latest skim
Publish At:2020-03-10 12:32 | Read:654 | Comments:0 | Tags:Threat analysis HTTPS JavaScript Magecart skimmer skimming C

PCI PIN Transaction Security requests upgradeable credit card readers

The Payment Card Industry Security Standards Council (PCI Council) updates its standard to reduce fraudulent activities against PoS systems. The number of credit card frauds involving Point-of-Sale continues to increase, in the last months, numerous attacks targeted retails and hotels worldwide. The Payment Card Industry Security Standards Council (PCI Counc
Publish At:2016-09-12 23:45 | Read:4853 | Comments:0 | Tags:Breaking News Laws and regulations Security credit card EMV

Placing a skimmer on Gas Station Card Scanner in less than 3 seconds

Attack ATM is very simple for criminals, a video released by Miami Beach Police shows two men installing a credit card skimmer in less than 3 seconds. In October, the CENTRAL MEANS OF PAYMENT ANTIFRAUD OFFICE (UCAMP) of the Italian Ministry of Economy and Finance released the annual report on Payment card frauds. This year I was one of the experts who worked
Publish At:2016-03-14 17:45 | Read:4882 | Comments:0 | Tags:Breaking News Cyber Crime ATM card fraud Cybercrime EVM card

SSCC 162 - What are *you* doing to fight cybercrime in the next 12 months? [PODCAST]

Sophos Security Chet Chat - Episode 162 - August 29, 2014News, opinion, advice and research!Here's our latest security podcast, featuring Sophos experts and Naked Security writers Chester Wisniewski and Paul Ducklin.(Audio player above not working? Download the MP3, or listen on Soundcloud.)In this episode of the Chet ChatChester Wisniewski and Paul Ducklin
Publish At:2014-08-29 13:10 | Read:4161 | Comments:0 | Tags:Data loss Featured Law & order Malware Podcast Privacy bitco

ATM Skimming: A Refresher

Earlier today, ANC (a local news outlet) via Yahoo! published a news piece about a retired policewoman who lost all her pension amounting to USD 9,150 (PHP 400,000) to skimmers. The National Bureau of Investigation (NBI), the law enforcement body whom the former officer sought help from, also warned the public of the rising incidents of ATM-related fraud. Sk
Publish At:2014-08-15 09:00 | Read:5442 | Comments:0 | Tags:Fraud/Scam Alert card fraud card skimming skimming

Tools

Tag Cloud