The new exploit builds a fake frame around legitimate portions of an online commerce website.
A new strain of software designed to steal financial information from retail websites has surfaced, demonstrating criminals' ability to adapt and improve their tools in the face of improved security measures.
The software, discovered by researcher Jérôme Segura at Malwarebytes, takes advantage of the popular retail practice of using a third-party credit card payment organization to facilitate credit card use. In this case, the software targets companies using Magento as their financial processing service provider. The malicious software inserts an iframe around the display code that would send the customer to Magento to finalize a purchase — an iframe that requests and captures the customer payment card info far earlier than it would be requested in a legitimate transaction.
This new attack is similar to an earlier overlay code tactic used by Magecart. It allows the purchase to proceed, minimizing the speed with which it might be found, but will exfiltrate customer payment information in the process. The only real clue for those who don't have the checkout page layout memorized is the process by which payment information is requested twice — which should alert all consumers that something is amiss.
Read more here.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024