menu

PaaS à la carte: Phishing Kit Caught In Development

2021-03-19 :: Luke
#battleplans  #PHP  #phishing  #dev  #fraud  #website malware  PaaS à la carte: Phishing Kit Caught In Development
A phishing kit found in-the-wild during the development stage and leaks the ‘order notes’ from the buyer.
Read more →

.wtf() Skimmer Targets WooCommerce PayPal Pro

2021-03-10 :: Luke
#0x4895  #templatesurvey.com  #skimmer  #WordPress  #WooCommerce  #PayPal Pro  #ecommerce  #JavaScript  #website malware  .wtf() Skimmer Targets WooCommerce PayPal Pro
A JavaScript skimmer designed to steal payment data entered into the WooCommerce PayPal Pro gateway on the victim’s infected ecommerce website. Lowkey exfiltration domain: templatesurvey[.]com.
Read more →

Skimmer Targets SagePay Payment Method on Magento 2 Websites

2021-03-05 :: Luke
#SagePay  #skimmer  #JavaScript  #ecommerce  #magento  #website malware  Skimmer Targets SagePay Payment Method on Magento 2 Websites
A skimmer that steals payment data from customers that check out using the SagePay payment method.
Read more →

Magento PHP Skimmer - new validateData variant

2021-03-01 :: Luke
#validateData  #variant  #skimmer  #fraud  #magento  #ecommerce  #PHP  #website malware  Magento PHP Skimmer - new `validateData` variant
A variant of the validateData skimmer. This skimmer is saving payment data to a secondary file after the skimmer is injected into the Magento core file OnepageController.php.
Read more →

Magento 2 Skimmer Exfiltrates to Telegram Bot

2021-02-19 :: Luke
#Telegram  #skimmer  #fraud  #magento  #ecommerce  #JavaScript  #website malware  Magento 2 Skimmer Exfiltrates to Telegram Bot
A JavaScript skimmer that exfiltrates stolen payment data to a Telegram bot that is under the attacker’s control.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.