Security News > 2021 > March > Hackers hide credit card data from compromised stores in JPG file
Hackers have come up with a sneaky method to steal payment card data from compromised online stores that reduces the suspicious traffic footprint and helps them evade detection.
Instead of sending the card info to a server they control, hackers hide it in a JPG image and store it on the infected website.
Cybercriminals gaining access to an online store through a vulnerability or weakness plant malicious code designed to steal customer card data at checkout.
Sucuri found a PHP file on the compromised website that the hackers had modified to load additional malicious code by creating and calling the getAuthenticates function.
The code above also created in a public location of the infected store a JPG image that would be used to store payment card data from customers in encoded form.
All the information above can be used for credit card fraud either directly by the hackers or by another party purchasing the data, or to deploy more targeted phishing and spam campaigns.