Prestashop StripeTag Skimmer

Prestashop StripeTag Skimmer
A basic JavaScript skimmer injected into a Prestashop website. Exfiltration domain:
Read more →

Skimmer Targets Psigate Payment Fields

Skimmer Targets Psigate Payment Fields
Analysis of an obfuscated JavaScript skimmer designed to steal payment data entered into the Psigate gateway fields on the victim’s infected ecommerce website. Exfiltration domain:
Read more →

Magento PHP One-Liner Backdoor

Magento PHP One-Liner Backdoor
Analysis of a PHP one-liner found injected on Magento ecommerce websites and learn how it is used by attackers.
Read more →

.wtf() Skimmer Still Targeting WooCommerce Websites

.wtf() Skimmer Still Targeting WooCommerce Websites
Almost identical to the one from back in March 2021 except this uses convert-server.com as the exfiltration domain.
Read more →

MAGECART GROUP 12: toolser.pw skimmer

MAGECART GROUP 12: toolser.pw skimmer
This PHP code injection is used to selectively inject the JavaScript skimmer that is loaded from toolser.pw (recently had been using pathc.space).
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.