Security News > 2020 > June > Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards

Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites.

According to several independent reports from PerimeterX, Kaspersky, and Sansec, threat actors are now injecting data-stealing code on the compromised websites in combination with tracking code generated by Google Analytics for their own account, letting them exfiltrate payment information entered by users even in conditions where content security policies are enforced for maximum web security.

Bypassing Content Security Policy The attack hinges on the premise that e-commerce websites using Google's web analytics service for tracking visitors have whitelisted the associated domains in their content security policy.

To harvest data using this technique, all that is needed is a small piece of JavaScript code that transmits the collected details like credentials and payment information through an event and other parameters that Google Analytics uses to uniquely identify different actions performed on a site.

Given the widespread use of Google Analytics in these attacks, countermeasures like CSP will not work if attackers take advantage of an already allowed domain to hijack sensitive information.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/rzDuRpNwFC0/google-analytics-hacking.html