menu

Magento PHP Skimmer - new validateData variant

2021-03-01 :: Luke
#validateData  #variant  #skimmer  #fraud  #magento  #ecommerce  #PHP  #website malware  Magento PHP Skimmer - new `validateData` variant
A variant of the validateData skimmer. This skimmer is saving payment data to a secondary file after the skimmer is injected into the Magento core file OnepageController.php.
Read more →

Magento 2 Skimmer Exfiltrates to Telegram Bot

2021-02-19 :: Luke
#Telegram  #skimmer  #fraud  #magento  #ecommerce  #JavaScript  #website malware  Magento 2 Skimmer Exfiltrates to Telegram Bot
A JavaScript skimmer that exfiltrates stolen payment data to a Telegram bot that is under the attacker’s control.
Read more →

Magento PHP Skimmer - validateData

2021-02-18 :: Luke
#jquery-in[.]com  #magentoinfo[.]org  #validateData  #skimmer  #fraud  #magento  #ecommerce  #PHP  #website malware  Magento PHP Skimmer - `validateData`
A PHP skimmer stealing payment data and user login data is injected into Magento core files OnepageController.php and User.php.
Read more →

Spox is Dila Belimi

2021-01-02 :: Luke
#Spox  #Dila Belimi  #threat actor  #phishing  #attribution  #opsec  #fraud  #PHP  #website malware  Spox is Dila Belimi
Hi my name is Spox (Dila Belimi) and I like to steal from average people during a global pandemic.
Read more →

Phishers Target Vonage/Nexmo API

2020-12-28 :: Luke
#metri  #PHP  #phishing  #fraud  #website malware  Phishers Target Vonage/Nexmo API
A phishing kit targeting both the login information and also the API key for Vonage API users (previously Nexmo). The stolen API can then be used to send and receive SMS, or even calls, from a large selection of clean numbers.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.