A week in security (December 30 – January 5)

Credit to Author: Malwarebytes Labs| Date: Mon, 06 Jan 2020 17:20:25 +0000

A roundup of the previous week’s most notable security stories and events, including new web skimmer techniques, an explanation of edge computing, and more.

Categories:

Tags:

(Read more…)

The post A week in security (December 30 – January 5) appeared first on Malwarebytes Labs.

Read more

New evasion techniques found in web skimmers

Credit to Author: Jérôme Segura| Date: Mon, 30 Dec 2019 22:25:06 +0000

As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.

Categories:

Tags:

(Read more…)

The post New evasion techniques found in web skimmers appeared first on Malwarebytes Labs.

Read more

There’s an app for that: web skimmers found on PaaS Heroku

Credit to Author: Jérôme Segura| Date: Wed, 04 Dec 2019 16:00:00 +0000

Cybercriminals are abusing platform-as-a-service (PaaS) cloud provider Heroku to build web skimming apps and steal customer data.

Categories:

Tags:

(Read more…)

The post There’s an app for that: web skimmers found on PaaS Heroku appeared first on Malwarebytes Labs.

Read more

The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT

Credit to Author: Threat Intelligence Team| Date: Tue, 22 Oct 2019 15:00:00 +0000

Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.

Categories:

Tags:

(Read more…)

The post The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT appeared first on Malwarebytes Labs.

Read more

Magecart criminals caught stealing with their poker face on

Credit to Author: Jérôme Segura| Date: Tue, 20 Aug 2019 15:00:38 +0000

This blog post details the curious case of a web skimmer encountered in a poker application.

Categories:

Tags:

(Read more…)

The post Magecart criminals caught stealing with their poker face on appeared first on Malwarebytes Labs.

Read more

No summer break for Magecart as web skimming intensifies

Credit to Author: Jérôme Segura| Date: Thu, 01 Aug 2019 15:00:00 +0000

Despite the heat, criminals are hard at work stealing credit card data from unaware shoppers. July marks a notable increase in web skimmer attacks over previous months.

Categories:

Tags:

(Read more…)

The post No summer break for Magecart as web skimming intensifies appeared first on Malwarebytes Labs.

Read more

Skimmer acts as payment service provider via rogue iframe

Credit to Author: Jérôme Segura| Date: Tue, 21 May 2019 15:38:42 +0000

Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something’s not right when they are redirected to the real (and external) payment form.

Categories:

Tags:

(Read more…)

The post Skimmer acts as payment service provider via rogue iframe appeared first on Malwarebytes Labs.

Read more

GitHub hosted Magecart skimmer used against hundreds of e-commerce sites

Credit to Author: Jérôme Segura| Date: Fri, 26 Apr 2019 16:06:12 +0000

Magecart threat actors upload their skimming code onto GitHub in the latest attack against Magento websites.

Categories:

Tags:

(Read more…)

The post GitHub hosted Magecart skimmer used against hundreds of e-commerce sites appeared first on Malwarebytes Labs.

Read more