Skimmer Targets Psigate Payment Fields

Skimmer Targets Psigate Payment Fields
Analysis of an obfuscated JavaScript skimmer designed to steal payment data entered into the Psigate gateway fields on the victim’s infected ecommerce website. Exfiltration domain:
Read more →

.wtf() Skimmer Still Targeting WooCommerce Websites

.wtf() Skimmer Still Targeting WooCommerce Websites
Almost identical to the one from back in March 2021 except this uses convert-server.com as the exfiltration domain.
Read more →

MAGECART GROUP 12: toolser.pw skimmer

MAGECART GROUP 12: toolser.pw skimmer
This PHP code injection is used to selectively inject the JavaScript skimmer that is loaded from toolser.pw (recently had been using pathc.space).
Read more →

wss://hotjar[.]info skimmer

wss://hotjar[.]info skimmer
A twist on the old ‘analytics code’ camouflage used by some skimmers to evade detection.
Read more →

analiticsweb.site (zulhqmnr@netmail[.]tk) skimmer

analiticsweb.site (zulhqmnr@netmail[.]tk) skimmer
A JavaScript skimmer that loads from analiticsweb[.]site/analytics.js - and opsec failure leads to discovery of more malicious domains.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.