The payment-card skimmer targets websites hosted on Microsoft IIS servers and running the ASP.NET web framework.
A credit-card skimmer is exclusively targeting websites that are hosted on Microsoft IIS servers and running ASP.NET, the company's web framework for developing web applications and services.
Malwarebytes Lab researchers found more than a dozen websites compromised with malicious code injected into one of their existing JavaScript libraries. The campaign likely started in April 2020 and has affected a range of victims, including sports organizations, health and community associations, and a credit union.
Attackers don't seem to be targeting a specific JavaScript library, the researchers say, and their code sometimes takes different forms. All victim websites were running ASP.NET version 4.0.30319, which the researchers note is no longer officially supported and contains multiple flaws.
ASP.NET is less common than PHP but still accounts for "a sizeable market share" and includes websites with shopping-cart applications, according to a blost post by Jerome Segura, head of threat intelligence. All of the victim websites had shopping portals, which were the attackers' target. The skimmer is built to look for credit-card numbers and passwords; however, the password-seeking method "appears to be incorrectly implemented," he wrote.
Read more details here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "The Entertainment Biz Is Changing, but the Cybersecurity Script Is One We've Read Before."
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024