menu

Skimmer Targets Psigate Payment Fields

2021-12-30 :: Luke
#dyneff.fr  #Psigate  #psigate_cc_number  #t87588  #Magento  #ecommerce  #skimmer  #JavaScript  #website malware  Skimmer Targets Psigate Payment Fields
Analysis of an obfuscated JavaScript skimmer designed to steal payment data entered into the Psigate gateway fields on the victim’s infected ecommerce website. Exfiltration domain:
Read more →

MAGECART GROUP 12: toolser.pw skimmer

2021-06-28 :: Luke
#MAGECART GROUP 12  #toolser.pw  #pathc.space  #skimmer  #ecommerce  #magento  #PHP  #website malware  MAGECART GROUP 12: toolser.pw skimmer
This PHP code injection is used to selectively inject the JavaScript skimmer that is loaded from toolser.pw (recently had been using pathc.space).
Read more →

wss://hotjar[.]info skimmer

2021-06-13 :: Luke
#hotjar.info  #wss  #skimmer  #ecommerce  #magento  #JavaScript  #website malware  wss://hotjar[.]info skimmer
A twist on the old ‘analytics code’ camouflage used by some skimmers to evade detection.
Read more →

analiticsweb.site (zulhqmnr@netmail[.]tk) skimmer

2021-06-03 :: Luke
#analiticsweb.site  #zulhqmnr@netmail.tk  #skimmer  #ecommerce  #magento  #JavaScript  #website malware  analiticsweb.site (zulhqmnr@netmail[.]tk) skimmer
A JavaScript skimmer that loads from analiticsweb[.]site/analytics.js - and opsec failure leads to discovery of more malicious domains.
Read more →

lolzilla Skimmer: PHP or JS?

2021-05-08 :: Luke
#lolzilla  #portzilla  #skimmer  #ecommerce  #magento  #JavaScript  #PHP  #website malware  lolzilla Skimmer: PHP or JS?
lolzilla skimmer analyzes a visitor’s HTTP request to determine whether it can capture the visitor’s payment data using a PHP skimmer or if it should deploy a JavaScript skimmer onto the checkout page to capture the data.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.