
How a favicon delivered a web credit card skimmer to victims
2020-05-07 14:02

Cyber crooks deploying web credit card skimmers on compromised Magento websites have a new trick up their sleeve: favicons that "turn" malicious when victims visit a checkout page.

A favicon is a file containing one or more small icons associated with a website. It is usually displayed in the browser's address bar, on the tab in which the website has been opened, and in the bookmarks.

Several e-commerce sites were loading a Magento favicon from this domain, Segura noted, but at first glance, the favicon image was clean.

Further analysis showed that, instead of the favicon, the malicious site returned JavaScript code that consists of a credit card payment form - but only when a user visited a checkout page.

It's on site owners to keep their websites secure and to quickly spot malicious changes.
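One way a site owner could check for the behavior described above, as an added example that is not from the original article: compare what a single favicon URL returns when it is loaded from different pages of the shop, and flag any response that is not an image or differs from the rest. The capture format, page paths and sample bytes are constructed assumptions; how the responses are recorded (proxy, crawler, browser log) is left to the reader.

```python
import hashlib

# Leading "magic" bytes of the image formats commonly served as favicons.
IMAGE_MAGIC = {
    b"\x00\x00\x01\x00": "ico",
    b"\x89PNG\r\n\x1a\n": "png",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
    b"\xff\xd8\xff": "jpeg",
}

def sniff_image_type(body):
    """Return the image format indicated by the body's magic bytes, or None."""
    for magic, name in IMAGE_MAGIC.items():
        if body.startswith(magic):
            return name
    return None

def audit_favicon(captures):
    """captures: list of (page_path, content_type, body) for ONE favicon URL.

    Returns a list of (page_path, reason) findings.
    """
    findings = []
    digests = {}
    for page, content_type, body in captures:
        if sniff_image_type(body) is None:
            findings.append((page, "body is not an image"))
        elif not content_type.lower().startswith("image/"):
            findings.append((page, "image body with non-image Content-Type"))
        digests.setdefault(hashlib.sha256(body).hexdigest(), []).append(page)
    if len(digests) > 1:
        # Same URL, different bytes depending on the page that loaded it.
        baseline = max(digests.values(), key=len)
        for pages in digests.values():
            if pages is not baseline:
                findings.extend((p, "content differs from other pages") for p in pages)
    return findings

# Constructed sample captures (not real traffic): the same favicon URL
# requested from three pages of a hypothetical shop.
PNG_STUB = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
JS_STUB = b"var form = document.createElement('form'); /* constructed */"
SAMPLE = [("/", "image/png", PNG_STUB), ("/catalog", "image/png", PNG_STUB),
          ("/checkout", "image/png", JS_STUB)]

if __name__ == "__main__":
    for page, reason in audit_favicon(SAMPLE):
        print(page, "->", reason)
```

The check sniffs the body rather than trusting the Content-Type header, since a response can declare itself an image while carrying script.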


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/xGAKKm44bec/