New Grelos Skimmer Variants Siphon Credit Card Data

2020-11-20 17:23

Just as seasonal online shopping kicks into high gear, new variants of the point-of-sale Grelos skimmer malware have been identified.

Over time new actors began to co-opt the Grelos skimmer and reuse some of the original domains used to host the malware.

The new variants of the skimmer first appeared when researcher Affable Kraut documented it via Twitter in July 2020.

The use of the WebSocket connection to exfiltrate sensitive data is not new and was first observed in connection with a Magecart Group 9 skimmer in December 2019.

Researchers said the connection between the cookie and the skimmer domains piqued their interest because skimmer domains sharing an identical cookie is not common.

News URL

https://threatpost.com/grelos-skimmer-variants-credit-card/161439/

#creditcard #skimmer