Security News > 2020 > December > Credit card stealer hides in CSS files of hacked online stores
Credit card stealer scripts are evolving and become increasingly harder to detect due to novel hiding tactics.
This happened because scanners aren't commonly scanning CSS files for malicious code and anyone looking at the skimmer's trigger script reading a custom property from the CSS page wouldn't give it a second glance.
This credit card skimmer was discovered by researchers at Dutch cyber-security company Sansec on Tuesday, on three different online stores.
A JavaScript parser/trigger script on the checkout page of the hacked online store will then load and execute the skimmer from a URL stored by the CSS Code in the -script variable that points to a Magecart script on the cloud-iq[.
Online shoppers have very few options to protect against Magecart attacks where JavaScript-based scripts known as credit card skimmers are injected within the pages of compromised e-commerce sites to exfiltrate their customers' payment and personal data.