Hackers are hiding credit card skimmers in online images

published 27.06.2020 11:57

by Shawn Knight from techspot.com

The big picture: Security researchers with Malwarebytes recently unmasked a clever tactic being used by hackers to steal credit card data from an online store created with WordPress, a popular content management system.

Using images for nefarious purposes is not new although Malwarebytes said this is the first time they’ve seen a credit card skimmer used in this sort of attack.

At the onset of its investigation, Malwarebytes’ threat analysis team thought it might be another case of a credit card skimmer masquerading as a favicon but further digging uncovered something entirely different.

Rather than hiding malicious code used to steal credit card information in a website’s favicon, the hackers had embedded it within the metadata of an image file which then gets covertly loaded by a compromised online store.

Once activated, the skimmer grabs data from the input fields of an online store where shoppers key in their name, billing address and payment card details.