Security News
Payment card details from customers of more than 300 restaurants have been stolen in two web-skimming campaigns targeting three online ordering platforms. Recently, Recorded Future's threat detection tools identified two Magecart campaigns injecting malicious code into the online ordering portals of MenuDrive, Harbortouch, and InTouchPOS. As a result, 50,000 payment cards were stolen and have already been offered for sale on various marketplaces on the dark web.
Payment card details from customers of more than 300 restaurants have been stolen in two web-skimming campaigns targeting three online ordering platforms. Recently, Recorded Future's threat detection tools identified two Magecart campaigns injecting malicious code into the online ordering portals of MenuDrive, Harbortouch, and InTouchPOS. As a result, 50,000 payment cards were stolen and have already been offered for sale on various marketplaces on the dark web.
A recently launched carding site called 'BidenCash' is trying to get notoriety by leaking credit card details along with information about their owners. On Thursday, June 16, BidenCash admins decided to give away a CSV file containing names, addresses, telephone numbers, emails, and credit card numbers for free to promote their platform.
The criminals behind the Emotet botnet - which rose to fame as a banking trojan before evolving into spamming and malware delivery - are now using it to target credit card information stored in the Chrome web browser."The notorious botnet Emotet is back, and we can expect that new tricks and evasion techniques will be implemented in the malware as the operation progresses, perhaps even returning to being a significant global threat," Ron Ben Yizhak, security researcher with cybersecurity vendor Deep Instinct, wrote in a blog post in November outlining the technical evolutions in the malware.
The notorious Emotet malware has turned to deploy a new module designed to siphon credit card information stored in the Chrome web browser. The credit card stealer, which exclusively singles out Chrome, has the ability to exfiltrate the collected information to different remote command-and-control servers, according to enterprise security company Proofpoint, which observed the component on June 6.
The Emotet botnet is now attempting to infect potential victims with a credit card stealer module designed to harvest credit card information stored in Google Chrome user profiles. After stealing the credit card info, the malware will send it to command-and-control servers different than the ones the Emotet card stealer module.
Two two American gun shops, Rainier Arms and Numrich Gun Parts, that operate e-commerce sites have disclosed data breaches resulting from card skimmer infections on their sites. Credit card skimmers are malicious JavaScript code either embedded on the sites or fetched from a remote resource by a seemingly innocuous element, such as a favicon.
Microsoft's security researchers have observed a worrying trend in credit card skimming, where threat actors employ more advanced techniques to hide their malicious info-stealing code. Skimming gangs obfuscate their code snippets, inject them into image files, and masquerade them as popular web applications to evade detection.
A new FLASH report from the FBI warns about cyber actors scraping credit card data from compromised online checkout pages from US businesses. According to the FBI, a US business was targeted in September 2020 by an unidentified threat actor, who inserted malicious PHP code into the checkout page of the targeted company website.
The FBI and its friends have warned businesses of crooks scraping people's credit-card details from tampered payment pages on compromised websites. Php in an attempt to inject malicious code into the checkout.