menu

Prestashop StripeTag Skimmer

2022-01-04 :: Luke
#ccfresh[.]co  #Stripe  #stripe_token_params  #Prestashop  #ecommerce  #skimmer  #JavaScript  #website malware  Prestashop StripeTag Skimmer
A basic JavaScript skimmer injected into a Prestashop website. Exfiltration domain:
Read more →

Skimmer Targets Psigate Payment Fields

2021-12-30 :: Luke
#dyneff[.]fr  #Psigate  #psigate_cc_number  #t87588  #Magento  #ecommerce  #skimmer  #JavaScript  #website malware  Skimmer Targets Psigate Payment Fields
Analysis of an obfuscated JavaScript skimmer designed to steal payment data entered into the Psigate gateway fields on the victim’s infected ecommerce website. Exfiltration domain:
Read more →

.wtf() Skimmer Still Targeting WooCommerce Websites

2021-11-30 :: Luke
#convert-server.com  #JavaScript  #skimmer  #WordPress  #WooCommerce  #ecommerce  #website malware  .wtf() Skimmer Still Targeting WooCommerce Websites
Almost identical to the one from back in March 2021 except this uses convert-server.com as the exfiltration domain.
Read more →

MAGECART GROUP 12: toolser.pw skimmer

2021-06-28 :: Luke
#MAGECART GROUP 12  #toolser.pw  #pathc.space  #skimmer  #ecommerce  #magento  #PHP  #website malware  MAGECART GROUP 12: toolser.pw skimmer
This PHP code injection is used to selectively inject the JavaScript skimmer that is loaded from toolser.pw (recently had been using pathc.space).
Read more →

wss://hotjar[.]info skimmer

2021-06-13 :: Luke
#hotjar.info  #wss  #skimmer  #ecommerce  #magento  #JavaScript  #website malware  wss://hotjar[.]info skimmer
A twist on the old ‘analytics code’ camouflage used by some skimmers to evade detection.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.