The first computer-based security platform has arrived

JavaScript monitoring firm Jscrambler has discovered a new set of web skimming attacks, including attacks that use methods that would be unrecognizable.

In a blog post (opens in a new tab), the company explained how it detected a web data theft attack on a discount web marketing and analytics service that occurred through the acquisition of its domain name ( Cockpit). The domain name has not been used since 2014.

Group X skimmers were able to compromise more than 40 e-commerce websites (opens in a new tab), and data collected from the sites was scrambled, encrypted, and sent to a Russia-based exfiltration server, according to Jscrambler.

Active web skimming attacks

The provider mentions that once the cybercriminals manage to exfiltrate the data from the original elements of the web page, it injects its own fake elements by posing as a credit card submission form.

By using this hacking method, all data entered by the user will continue to be collected and filtered every time the page is clicked.

Jscrambler also found two other web skimming groups: Group Y and Group Z, with Group Y apparently using a skimmer similar to Group X, while Group Z used a modified server structure for their attacks.

Web theft, also known as Magecart attacks, occurs when groups of hackers use online information theft techniques in an attempt to steal personal data from websites. Hackers mainly target credit card information on sites that accept online payments or customer personal information.

The blog post mentions that some websites may have been using a content management system (CMS - opens in a new tab) or a website builder provider that was injecting the third-party script into their pages.

“In this case, they may not be able to remove the library from their websites due to restricted permissions or lack of knowledge,” Jscrambler wrote.

In November 2022, the UK's National Cyber ​​Security Center (NCSC) alerted over 4000 small business websites about compromised payment gateways (opens in a new tab) on their e-commerce platforms, ahead of Black Friday. , the busiest time for online retailers. .

Share This