未加星标

New Formjacking Technique Used to Skim Payment Details Off Websites

字体大小 | |
[前端(javascript) 所属分类 前端(javascript) | 发布者 店小二03 | 时间 2018 | 作者 红领巾 ] 0人收藏点击收藏

New Formjacking Technique Used to Skim Payment Details Off Websites
New Formjacking Technique Used to Skim Payment Details Off Websites
Add to favorites

“In recent months, we have seen a major uptick in formjacking attacks against high-profile websites across the globe”

Researchers at cybersecurity company Symantec have identified a new formjacking campaign targeting a French ecommerce site that is prominently featured in global shopping aggregator listings.

Over 30 online retail websites from all over the world were redirecting traffic to the compromised site.

Formjacking is a term used to describe the injection of javascript code into the payment section of a website. This code then skims the payment details of unaware customers sending it onto to threat actors to abuse.

The online-store in Paris was injected with a formjacking script which collects the payment information entered onto the website and then sends it to the domain google-analyitics.org; a “typo-squatted” version of the genuine url google-analytics.com.

Another piece of injected code on the same web page looks for the presence of debugging tools, such as Firebug, to thwart security researchers analysing the malicious script; a trend security researchers have increasingly noticed.

See also: Magecart’s 7 Groups: Hackers Dropping Counter-Intelligence Code in JavaScript Skimmers

Siddhesh Chandrayan Threat Analysis Engineer at Symantec wrote : “This latest formjacking campaign highlights the fact that attackers are continuously altering and improving their malicious code and exploring new delivery mechanisms to infect more users.”

Symantec researchers say they have identified more than one million formjacking attempts on over 10,000 websites in the last three months alone.


New Formjacking Technique Used to Skim Payment Details Off Websites

Symantec told Computer Business Review that the scammers had also hacked other ecommerce websites to redirect visitors to the compromised site.

He believes that the Paris site was selected as a target because it is listed in several shopping aggregators.

Formjacking

Traditionally attackers have targeted retail websites through the software provided by third-parties, as these often contain the weak link in the security chain.

Last summer it was disclosed that Ticketmaster was the subject to a serious cyberattack in which threat actors made off with the payment details of over 40,00 UK customers. A chat-bot designed by third-party supplier Inbenta was identified as the source of the vulnerability.

A report from cybersecurity enterprise RiskIQ identified Magecart tactics and script in the attack, which saw a massive credit card skimming operation that affected over 800 e-commerce websites.

In their report RiskIQ noted that: “Magecart actors breached their systems (Ticketmaster) and, in separate instances, either added to or completely replaced a custom JavaScript module Ibenta made for Ticketmaster with their digital skimmer code.”

See Also: The Ticketmaster Hack is Worse Than First Thought

Unfortunately one of the key factors in formjacking or script payment skimming attacks is that retailers and customers may not be aware that their website and details are compromised. Websites and payment forms operate as normal if the attackers have done their job right.

One way enterprise can protect themselves is to test any new software updates in small test environments. Doing so gives you a chance to spot any unusual behaviour in the script.Software distributors who supplier major retailers with products should have monitoring systems in place that detect any changes in their code or in the updating process itself. Symantec is currently working with the websites involved in this new formjacking attack and so they have not named the websites affected.

本文前端(javascript)相关术语:javascript是什么意思 javascript下载 javascript权威指南 javascript基础教程 javascript 正则表达式 javascript设计模式 javascript高级程序设计 精通javascript javascript教程

代码区博客精选文章
分页:12
转载请注明
本文标题:New Formjacking Technique Used to Skim Payment Details Off Websites
本站链接:https://www.codesec.net/view/621373.html


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 前端(javascript) | 评论(0) | 阅读(54)