Hackers found new way to attack e-commerce stores, online shoppers and steal credit card details.
Steganography, Web Skimmer Attack
Steganography — hiding information inside another format (i.e., text inside images, images inside videos, etc.) or by placing the bad code inside seemingly innocent files.
Skimming — an illegal practice used to capture credit card information from a cardholder surreptitiously.
Similarly, Fraudsters often use a device called a skimmer that can be installed at gas pumps or ATM machines to collect card data.
Recently, criminals found a new web malware that hides inside images used for social media sharing buttons in order to steal credit card information entered in payment forms on online stores.
Follow Us on: Twitter, Instagram, LinkedIn to get latest security news!
Malicious Code Hidden in SVG Images
This year Dutch security firm Sanguine Security (SangSec) spotted the malware, known as a web skimmer, or Magecart script, on online stores.
Over the past years, steganography attacks hide malicious payloads inside image files, usually stored in PNG or JPG formats.
But as steganography use grew, security firms also started looking and analyzing image files — could find irregularities or hidden web skimmer payloads.
In recent attacks, the malicious code wasn’t hidden inside PNG or JPG files but in SVG files.
Scalable Vector Graphics — a file format that allows displaying vector images on your website.
However, the threat actors were very clever when they designed their payload.
“The malicious payload assumes the form of an HTML < svg > element, using the < path > element as a container for the payload. The payload itself is concealed utilizing syntax that strongly resembles correct use of the < svg > element,” SangSec said in a report last week.
In June — it found malware gangs testing this technique, In September — live e-commerce sites.
Followingly, the malicious payload hidden inside social media sharing icons for sites like Google, Facebook, Twitter, Instagram, YouTube, and Pinterest.
Security Recommendation
On infected stores, once users accessed the checkout page, a secondary component (called a decoder) would read the malicious code hidden inside the social sharing icons and then load a keylogger that recorded and exfiltrated card details entered in the payment form.
The simplest way to protect from web skimmer attacks is to use virtual cards designed for one-time payments.
Im obliged for the blog. Much thanks again. Really Cool. Morgen Jozef Zoldi
Howdy! Do you know if they make any plugins to assist with Search Engine Optimization? I’m trying
to get my blog to rank for some targeted keywords but I’m not seeing very good results.
If you know of any please share. Many thanks!
whoah this weblog is excellent i like reading your posts.
Stay up the good work! You realize, many people are hunting
round for this information, you could help them greatly.
What i do not realize is actually how you’re no longer really
a lot more well-liked than you might be now. You are very intelligent.
You already know therefore considerably in the case of this matter,
produced me in my opinion believe it from so many various angles.
Its like women and men aren’t fascinated unless it is something to accomplish
with Girl gaga! Your own stuffs outstanding.
Always take care of it up!
Simply want to say your article is as astounding. The clearness in your put up is simply nice
and that i can assume you are knowledgeable in this subject.
Well together with your permission let me to take hold of your RSS feed to stay up to date with
forthcoming post. Thank you 1,000,000 and please continue the rewarding work.
It’s difficult to find experienced people about this subject, but you sound
like you know what you’re talking about! Thanks
Hello! I’m at work surfing around your blog from my new iphone
4! Just wanted to say I love reading your blog and look forward to all your posts!
Keep up the great work!