Author Topic: Hackers Steal Payment Card Data Using Rogue Iframe Phishin  (Read 111 times)

Offline Antus67

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4079
    • View Profile
Author:  Sergiu Gatlan

Cybercriminals have upgraded their credit card skimming scripts to use an iframe-based phishing system designed to phish for credit/debit card info from Magento-powered store customers on checkout.

Magecart groups usually inject JavaScript-based payment data skimmers within the code of the website, with the scripts collecting and exfiltrating payment information in the background and customers never even noticing that it happened.

In this case, as Malwarebytes security researcher Jérôme Segura discovered, the crims injected their credit card stealer scripts within every page of the hacked websites and configured it to pop-up as a phishing form asking the buyers to provide the info themselves.

full article here:
Windows Defender
VoodooShield 5.01
Trojan Remover