menu

.wtf() Skimmer Still Targeting WooCommerce Websites

2021-11-30 :: Luke
#convert-server.com  #JavaScript  #skimmer  #WordPress  #WooCommerce  #ecommerce  #website malware  .wtf() Skimmer Still Targeting WooCommerce Websites
Almost identical to the one from back in March 2021 except this uses convert-server.com as the exfiltration domain.
Read more →

restore-metamask.com Used to Steal Entire Crypto Wallets

2021-07-30 :: Luke
#restore-metamask.com  #crypto  #phishing  #fraud  #PHP  #JavaScript  restore-metamask.com Used to Steal Entire Crypto Wallets
The malicious domain restore-metamask.com was used to steal existing crypto wallets of metamask.io users. It also allowed new wallets to be created and cryptocurrencies deposited to the new wallet, but it would ultimately go to the attackers.
Read more →

wss://hotjar[.]info skimmer

2021-06-13 :: Luke
#hotjar.info  #wss  #skimmer  #ecommerce  #magento  #JavaScript  #website malware  wss://hotjar[.]info skimmer
A twist on the old ‘analytics code’ camouflage used by some skimmers to evade detection.
Read more →

analiticsweb.site (zulhqmnr@netmail[.]tk) skimmer

2021-06-03 :: Luke
#analiticsweb.site  #zulhqmnr@netmail.tk  #skimmer  #ecommerce  #magento  #JavaScript  #website malware  analiticsweb.site (zulhqmnr@netmail[.]tk) skimmer
A JavaScript skimmer that loads from analiticsweb[.]site/analytics.js - and opsec failure leads to discovery of more malicious domains.
Read more →

lolzilla Skimmer: PHP or JS?

2021-05-08 :: Luke
#lolzilla  #portzilla  #skimmer  #ecommerce  #magento  #JavaScript  #PHP  #website malware  lolzilla Skimmer: PHP or JS?
lolzilla skimmer analyzes a visitor’s HTTP request to determine whether it can capture the visitor’s payment data using a PHP skimmer or if it should deploy a JavaScript skimmer onto the checkout page to capture the data.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.