There’s been a steady stream of news about malware designed to skim customer payment data during e-commerce transactions, but research by security vendor Group-IB suggests that the problem is broader than the public might realize. JavaScript-sniffers — JS-sniffers for short — were lurking on 2,440 hacked websites that receive roughly 1.5 million unique daily visitors, according to research published Wednesday by the Moscow-based company. The malicious software essentially produces the same results as a credit card skimmer: Cybercriminals inject a few lines of code onto target websites, then sweep up account numbers, names, addresses and other information that’s valuable on dark web markets. And it’s not just Magecart, the best known group of JS-sniffers, Group-IB says. Twelve Magecart groups have been in operation, but Group-IB says its researchers discovered a total of 38 JS-sniffer groups — at least eight of which have not previously been investigated in detail. One JS-sniffer campaign, known as TokenLogin, was detected on sites that […]
The post Magecart is the most infamous payment skimmer. But it’s hardly the only one. appeared first on CyberScoop.
Continue reading Magecart is the most infamous payment skimmer. But it’s hardly the only one.→