menu

_try_action Skimmer Sends Stolen Data To cdn-frontend.com

2021-04-19 :: Luke
#cdn-frontend.com  #_try_action  #skimmer  #fraud  #magento  #ecommerce  #JavaScript  #website malware  _try_action Skimmer Sends Stolen Data To cdn-frontend.com
_try_action is a JavaScript skimmer and exfiltrates the stolen payment data to fake PNG image file at cdn-frontend.com/stat/pix.png
Read more →

obj_31337 Skimmer Loads From payprocess.org

2021-04-04 :: Luke
#payprocess.org  #processpayment.cc  #obj_31337  #our_honey  #onestepcheckout  #skimmer  #fraud  #magento  #ecommerce  #JavaScript  #website malware  obj_31337 Skimmer Loads From payprocess.org
This skimmer loads from payprocess.org and exfiltrates to processpayment.cc
Read more →

PHP -> JavaScript Conversion - $dataoo Skimmer

2021-04-02 :: Luke
#$dataoo  #fetch('php://input')  #onfr64_qrpbqr  #testServer.php  #bardven[.]com  #skimmer  #magento  #ecommerce  #PHP  #JavaScript  #website malware  PHP -> JavaScript Conversion - $dataoo Skimmer
A comparison of a skimmer that an attacker rolled out in separate PHP and JavaScript versions. Big thanks to Baryo (@ctrl__esc)!
Read more →

An Angrybeaver Has Joined The Skimming Game

2021-03-30 :: Luke
#angrybeaver  #payflowpro  #authorizenet  #skimmer  #fraud  #magento  #ecommerce  #JavaScript  #website malware  An Angrybeaver Has Joined The Skimming Game
angrybeaver is a skimmer written in JavaScript that is designed to target Payflowpro & authorizenet payments on Magento ecommerce websites. It doesn’t use the same obfuscation techniques that are popular among other JS skimmers.
Read more →

Backticks + $_POST = PHP minishell

2021-03-25 :: Luke
#backdoor  #minishell  #one-liner  #PHP  #website malware  Backticks + $_POST = PHP minishell
The use of the lesser known backtick operator and $_POST results in probably one of the smallest PHP one-liner minishells: ~12 characters
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.