Home Security New Web Skimmer Targets Shopify, WooCommerce, Other Online Stores

New Web Skimmer Targets Shopify, WooCommerce, Other Online Stores


A new type of web skimmer is active in the wild targeting numerous platforms like Shopify, WooCommerce, and more. This skimmer runs on platforms that otherwise don’t allow custom JavaScript. Hence, the new skimmer suffices to target those platforms where conventional Magecart or JavaScript skimmers fail.

New Web Skimmer Discovered On Shopify, WooCommerce Stores

Researchers from Sansec have recently shared details about a new online skimmer active in the wild. This web skimmer targets platforms usually considered safe from such attacks, like Shopify and BigCommerce.

In fact, the researchers found the new skimmer already running on dozens of online stores hosted on BigCommerce, Shopify, Zencart, and WooCommerce.

On stores where the platforms don’t allow custom JS, the new skimmer evades the security by displaying a fake payment form to the users visiting the affected websites. Through these forms, the skimmer records the keystrokes to steal customers’ payment data.

Once the victim fills the form, an error message appears redirecting the victim to the real payment page. In this way, the victim gets no idea of the attack, whereas, the malware steals the data.

The new campaign is also different in that the attackers use programmatically-generated domains to store exfiltrated data. As Sansec explained,

It keeps a counter and uses base64 encoding to produce a new domainname.
This will lead to, for example, these exfiltration domains.

The first of these got registered on August 31, 2020.

Regarding how the attackers managed to target multiple platforms together, the researchers state,

It is remarkable that so many different platforms are compromised in the same campaign. Typically, criminals exploit a flaw in a single platform. Attackers may have breached a shared component, e.g., software or a service that is used by all affected merchants.

Thus, the customers who frequently shop online should remain very careful while entering their payment details.

The following two tabs change content below.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Source link

Related Articles

Leave a Comment