Lucene search
K

19 matches found

The Hacker News
The Hacker News
added 2025/04/03 4:45 a.m.18 views

Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign

Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface API from payment processor Stripe to validate stolen payment information prior to exfiltration. "This tactic ensures that only valid card data is sent to the attackers,...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/05 6:29 a.m.47 views

Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack

Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that's designed to steal personally identifiable information PII and credit card data from e-commerce websites. A noteworthy aspect that sets it apart from other Magecart campaigns is that the hijacked site...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/05 6:29 a.m.4 views

Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack

Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that's designed to steal personally identifiable information PII and credit card data from e-commerce websites. A noteworthy aspect that sets it apart from other Magecart campaigns is that the hijacked site...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/28 9:18 a.m.3 views

Attention Online Shoppers: Don't Be Fooled by Their Sleek, Modern Looks — It's Magecart!

An ongoing Magecart campaign has attracted the attention of cybersecurity researchers for leveraging realistic-looking fake payment screens to capture sensitive data entered by unsuspecting users. "The threat actor used original logos from the compromised store and customized a web element known ...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/17 2:0 a.m.24 views

Web skimmer found on website of Liquor Control Board of Ontario

On January 12, 2023, the Liquor Control Board of Ontario LCBO published a news release about a cybersecurity incident, affecting online sales through LCBO.com. It is one of the largest retailers and wholesalers of beverage alcohol in the world. Web skimmer The cybersecurity incident was a web...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/25 3:30 p.m.18 views

Malware spent months hoovering up credit card details from 300 US restaurants

Criminal hackers have been able to steal at least 50,000 credit cards from 300 restaurants in the US, after launching two Magecart campaigns that target the MenuDrive, Harbortouch, and InTouchPOS online payment platforms: Magecart is a web-skimmer—malware that is injected onto a vulnerable websit...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/01/06 11:59 a.m.15 views

Card skimmers strike Sotheby’s in Brightcove supply chain attack

Over 100 real estate websites have been compromised by the same web skimmer in a supply chain attack. So what happened? On Monday, January 3, Palo Alto said it had found a supply chain attack that used a cloud video platform to distribute skimmer campaigns. The attacker injected the skimmer’s...

0.3AI score
Exploits0
HackRead
HackRead
added 2022/01/05 8:5 p.m.22 views

Cloud video platform abused in web skimmer attack against real estate sites

By Deeba Ahmed New Web Skimmer Campaign Exploiting Cloud Video Distribution Supply Chain to Target Real Estate Sites. This is a post from HackRead.com Read the original post: Cloud video platform abused in web skimmer attack against real estate sites...

1.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/12/14 4:54 p.m.38 views

A week in security (December 7 – December 13)

Last week on Malwarebytes podcast we talked to Doug Levin, founder of the K12 cybersecurity resource center and advisor to the K12 Security Information Exchange, about how schools can plan for a cybersecure 2021. We also released a Malwarebytes Labs report revealing that 50 percent of schools did...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2020/09/14 4:1 p.m.269 views

Magecart Attack Impacts More Than 10K Online Shoppers

One of the largest known Magecart campaigns to date took place over the weekend, with nearly 2,000 e-commerce sites hacked in an automated campaign that may be linked to a zero-day exploit. The attacks have impacted tens of thousands of customers, who had their credit-card and other information...

8.3AI score0.0552EPSS
Exploits1References8
Malwarebytes
Malwarebytes
added 2020/09/07 2:24 p.m.22 views

A week in security (August 31 – September 6)

Last week on Malwarebytes Labs, we dug into security hubris on the Lock and Code podcast, explored ways in which Apple’s notarization process may not be hitting all the right notes, and detailed a new web skimmer. We also explained how to keep distance learners secure, talked about PCI DSS...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/29 4:25 p.m.39 views

A week in security (June 22 – 28)

Last week on Malwarebytes Labs, we provided a zero-day guide for 2020 featuring recent attacks and advanced preventive techniques, and we learned how to cough in the face of scammers, offering security tips for the 2020 tax season. We also looked at a web skimmer hiding within EXIF metadata that...

7.5CVSS0.8AI score
Exploits1
Malwarebytes
Malwarebytes
added 2020/05/06 3:15 p.m.43 views

Credit card skimmer masquerades as favicon

Malware authors are notorious for their deceptive attempts at staying one step ahead of defenders. As their schemes get exposed, they always need to go back to their bag of tricks to pull out a new one. When it comes to online credit card skimmers, we have already seen a number of evasion...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2020/03/18 9:0 a.m.102 views

Magecart Cyberattack Targets NutriBullet Website

A faction under the Magecart umbrella, Magecart Group 8, targeted the website of the blender manufacturer, NutriBullet, in an attempt to steal the payment-card data of its online customers. Yonathan Klijnsma, threat researcher with RiskIQ, said in a Wednesday post that a JavaScript web skimmer co...

8.3AI score0.0552EPSS
Exploits1References11
Malwarebytes
Malwarebytes
added 2020/01/06 5:20 p.m.36 views

A week in security (December 30 – January 5)

Last week on Malwarebytes Labs, we took a dive into edge computing, looked at new web skimmer techniques, and rolled our eyes at silly people doing silly things. Other cybersecurity news: Stills and chills: A Reddit user notices their security camera is grabbing stills from other people’s devices...

0.2AI score
Exploits0
HackRead
HackRead
added 2019/12/13 6:15 p.m.45 views

Hundreds of counterfeit branded shoe stores hacked with web skimmer

By Uzair Amir Research suggests that there are hundreds of fake branded shoe websites that are infected with credit card skimmer, which is... This is a post from HackRead.com Read the original post: Hundreds of counterfeit branded shoe stores hacked with web skimmer...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/11/25 12:55 p.m.35 views

A week in security (November 18 – 24)

Last week on Malwarebytes Labs, we looked at stalkerware’s legal enforcement problem, announced our cooperation with other security vendors and advocacy groups to launch Coalition Against Stalkerware, published our fall 2019 review of exploit kits, looked at how Deepfake on LinkedIn makes for...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/11/21 5:30 p.m.52 views

Web skimmer phishes credit card data via rogue payment service platform

Heading into the holiday shopping season, we have been tracking increased activity from a threat group registering domains for skimming and phishing campaigns. While most of the campaigns implemented a web skimmer in the typical fashion—grabbing and exfiltrating data from a merchant's checkout pa...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2019/11/19 2:56 p.m.218 views

Macy's Suffers Data Breach by Magecart Cybercriminals

The department store Macy’s is warning that web skimmer malware was discovered on Macys.com collecting customers’ payment card information. The attack has been linked to Magecart, a notorious umbrella group made up of various cybercriminal affiliates that is known for injecting payment card...

8.3AI score0.0552EPSS
Exploits1References19
Rows per page
Query Builder