Security News > 2022 > May > Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

Threat actors behind web skimming campaigns are leveraging malicious JavaScript code that mimics Google Analytics and Meta Pixel scripts in an attempt to sidestep detection.

Last year, Malwarebytes disclosed a campaign wherein malicious actors were observed delivering PHP-based web shells embedded within website favicons to load the skimmer code.

A second approach relies on four lines of JavaScript code added to a compromised webpage to retrieve the skimmer script from a remote server that's "Encoded in Base64 and concatenated from several strings."

Also detected is the use of encoded skimmer script domains within spoofed Google Analytics and Meta Pixel code in an attempt to stay under the radar and avoid raising suspicion.

There's not a lot online shoppers can do to protect themselves from web skimming other than ensuring that their browser sessions are secure during checkout.

"Given the increasingly evasive tactics employed in skimming campaigns, organizations should ensure that their e-commerce platforms, CMSs, and installed plugins are up to date with the latest security patches and that they only download and use third-party plugins and services from trusted sources," Microsoft said.

News URL

https://thehackernews.com/2022/05/microsoft-warns-of-web-skimmers.html