Internet Industry Search Engine

A new rash of highly covert card-skimming malware infects ecommerce sites
See More From:

Mar 14, 2019 5:28 PM 1+ week ago

The rash of e-commerce sites infected with card-skimming malware is showing no signs of abating. Researchers on Thursday revealed that seven sites--with more than 500,000 collective visitors per month--have been compromised with a previously unseen strain of sniffing malware designed to surreptitiously swoop in and steal payment card data as soon as visitors make a purchase.

Group-IB has dubbed the JavaScript sniffer GMO after the gmo[.]il domain it uses to send pilfered data from infected sites, all of which run the Magento e-commerce Web platform. The researchers said the domain was registered last May and that the malware has been active since then. To conceal itself, GMO compresses the skimmer into a tiny space that's highly obfuscated and remains dormant when it detects the Firebug or Google Developer Tools running on a visitor's computer. GMO was manually injected into all seven sites, an indication that it is still relatively fledgling.

Group-IB's discovery comes six months after similar card-skimming JavaScript infected ...

Read More

Search Builder

(Click to add to search box)
Fila UK site  Brazilian Fila website  security provider Malwarebytes  JS Sniffers shouldn  payment data leaks  payment card data  British Airways  Filo UK  company spokesman  payment systems  Ars Technica  research paper  vice president  Bloomberg News  debit cards  Nicholas Palmer  Conde Nast  pilfered data  GMO compresses  archived scan  crime gangs  card skimmers  GMO sniffer  credit card  New Pacemaker Hack  attacks Fileless malware  Airways breach  Fortnite cheaters  Airways site  Brazilian malware  iPhone Researchers  

**Content contained on this site is provided on an “as is” basis. 4Internet, LLC makes no commitments regarding the content and does not review it, so don't assume that it's been reviewed. What you see here may not be accurate and should not be relied upon. The content does not necessarily represent the views and opinions of 4Internet, LLC. You use this service and everything you see here at your own risk. Content displayed may be subject to copyright. Content is removed on a case by case basis. To request that content be removed, contact us using the following form: Contact Us.