Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards
Security News, June 2020
![Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards](/static/build/img/news/hackers-using-google-analytics-to-bypass-web-security-and-steal-credit-cards.jpg)
Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites.
According to several independent reports from PerimeterX, Kaspersky, and Sansec, threat actors are now injecting data-stealing code into compromised websites together with tracking code that Google Analytics generated for the attackers' own account. This lets them exfiltrate payment information entered by users even where content security policies are enforced for maximum web security.
Bypassing Content Security Policy
The attack hinges on the premise that e-commerce websites using Google's web analytics service for tracking visitors have whitelisted the associated domains in their content security policy.
To harvest data using this technique, all that is needed is a small piece of JavaScript code that transmits the collected details like credentials and payment information through an event and other parameters that Google Analytics uses to uniquely identify different actions performed on a site.
Given the widespread use of Google Analytics in these attacks, countermeasures like CSP will not work if attackers take advantage of an already allowed domain to hijack sensitive information.
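A detection sketch for the bypass described above, as an added example that is not from the article or the cited reports: because CSP matches only the host, the check compares the `tid` (property ID) on each Google Analytics beacon against the IDs the site actually owns. The function names, tracking IDs, policy and request URLs are constructed for illustration; `tid` and `t` are Universal Analytics Measurement Protocol parameters.

```javascript
// Added example (not from the article): flag Google Analytics beacons that
// report to a property ID the site does not own. All sample values are constructed.
const GA_HOSTS = new Set(["www.google-analytics.com", "ssl.google-analytics.com"]);

// Minimal CSP check: does `directive` (or default-src as its fallback) list `host`?
// Only exact host sources are handled; wildcards and bare schemes are out of scope.
function cspAllowsHost(policy, directive, host) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    if (name) directives.set(name.toLowerCase(), sources);
  }
  const sources = directives.get(directive) || directives.get("default-src") || [];
  return sources.some((s) => s.replace(/^https?:\/\//, "").toLowerCase() === host);
}

// Return requests sent to a GA host whose `tid` is not one of the site's own IDs.
// A GA request with no `tid` in the query string is reported too, for manual review.
function findForeignGaBeacons(requestUrls, ownTrackingIds) {
  const own = new Set(ownTrackingIds);
  const findings = [];
  for (const raw of requestUrls) {
    let url;
    try { url = new URL(raw); } catch { continue; } // skip unparsable log entries
    if (!GA_HOSTS.has(url.hostname)) continue;
    const tid = url.searchParams.get("tid");
    if (own.has(tid)) continue;
    findings.push({ tid, hitType: url.searchParams.get("t"), url: raw });
  }
  return findings;
}

// Constructed sample: one policy and three outbound requests from a checkout page.
const SAMPLE_CSP = "default-src 'self'; connect-src 'self' https://www.google-analytics.com";
const SAMPLE_REQUESTS = [
  "https://www.google-analytics.com/collect?v=1&tid=UA-11111111-1&t=pageview&dp=%2Fcheckout",
  "https://www.google-analytics.com/collect?v=1&tid=UA-99999999-9&t=event&ec=c&ea=a&el=constructed",
  "https://shop.example/api/cart",
];

// The policy permits both beacons; only the property-ID comparison separates them.
console.log(cspAllowsHost(SAMPLE_CSP, "connect-src", "www.google-analytics.com"));
console.log(findForeignGaBeacons(SAMPLE_REQUESTS, ["UA-11111111-1"]));
```

The request list would come from wherever outbound browser traffic is already observed, such as a synthetic checkout run or a proxy log.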
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/rzDuRpNwFC0/google-analytics-hacking.html