Card skimmer code was found buried within the EXIF metadata of an image file, which would then be loaded by compromised online stores.
The technique used in documented attacks serves legitimate favicons to the bulk of a website -- but saves malicious variants for payment portal pages.
See also: Skimming code battle on NutriBullet website may have risked customer credit card data The cybersecurity firm has explored the new technique, described in a blog post published on Thursday, which is believed to be the handiwork of Magecart Group 9.
Cybercriminals making use of online credit card skimmers continue to improve their attack methods, and this time, malicious code has been found buried in image file metadata loaded by e-commerce websites.
I really appreciate you for taking the time to write me this feedback.
I received your feedback.
I am sorry!
An error occurred and we could not transfer your message.
Please try again or get in contact with us via mail.