Web skimmer fills in PayPal payment form with stolen data on the fly

Credit card skimmer operators have begun using an innovative technique to inject plausible-looking PayPal frames and hijack the checkout process in compromised online stores. Attackers steal payment and personal information provided by customers on hacked e-commerce sites and send it to remote servers under their control.

A new tactic for stealing information about online shoppers' payment cards was detected by a Twitter user using the alias Affable Kraut. According to the expert, the malicious script was hidden inside an image hosted on the compromised store's server using steganography. The skimmer intercepts and steals all order form data entered by victims and sends it to the attackers' servers.

This is where the similarity with normal skimmer scripts ends: the stolen order data is later also used to pre-fill fake PayPal payment forms, which are inserted and displayed during the checkout process instead of the legitimate forms.

The skimmer also analyzes purchase information before using it to fill out PayPal forms, and "if the data is useless, it actually sends a message back to the page on the victim's site," removing malicious frames from the checkout page.

When the victim is redirected to the PayPal order page, the fact that it is already partially filled in adds credibility to the fraudulent scheme and increases the chances of successful theft of payment data.
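
A defender-side check for the injected frames described above, as an added example that is not part of the original post: it scans checkout-page markup and reports every iframe that does not load over HTTPS from an allowlisted payment host. The allowlist, the `auditFrames` and `getAttr` helpers and the sample markup are assumptions constructed for illustration.

```javascript
// Assumption: the only frame host this store's checkout should ever embed.
const ALLOWED_FRAME_HOSTS = new Set(["www.paypal.com"]);

// Constructed sample of rendered checkout markup (not taken from a real incident).
const SAMPLE_CHECKOUT_HTML = `
<form id="order"><input name="email"></form>
<iframe src="https://www.paypal.com/constructed-path?token=CONSTRUCTED"></iframe>
<iframe src="https://www.paypal.com.pay-frame.example/form"></iframe>
<iframe id="pp" style="width:100%"></iframe>
<iframe src="//cdn.shop.example/paypal.html"></iframe>
`;

// Read one attribute (quoted or unquoted value) from a single tag's text.
function getAttr(tag, name) {
  const re = new RegExp(`\\s${name}\\s*=\\s*(?:"([^"]*)"|'([^']*)'|([^\\s>]+))`, "i");
  const m = re.exec(tag);
  return m ? (m[1] ?? m[2] ?? m[3]) : null;
}

// Return one finding per iframe that is not HTTPS from an allowlisted host.
// Regex tag extraction is a simplification; in a browser, walk document.querySelectorAll("iframe").
function auditFrames(html, pageUrl, allowed = ALLOWED_FRAME_HOSTS) {
  const findings = [];
  for (const [tag] of html.matchAll(/<iframe\b[^>]*>/gi)) {
    const src = getAttr(tag, "src");
    if (getAttr(tag, "srcdoc") !== null) {
      findings.push({ tag, reason: "inline srcdoc content" });
    } else if (!src) {
      // A frame without src is filled in by script, so its content has no origin to vet.
      findings.push({ tag, reason: "no src (content written by script)" });
    } else {
      let url;
      try { url = new URL(src, pageUrl); } catch { url = null; }
      if (!url) findings.push({ tag, reason: "unparseable src" });
      else if (url.protocol !== "https:") findings.push({ tag, reason: `scheme ${url.protocol}` });
      else if (!allowed.has(url.hostname)) findings.push({ tag, reason: `host not allowlisted: ${url.hostname}` });
    }
  }
  return findings;
}

for (const f of auditFrames(SAMPLE_CHECKOUT_HTML, "https://shop.example/checkout")) {
  console.log(`${f.reason} -> ${f.tag}`);
}
```

The exact-hostname comparison is what catches the lookalike host that merely begins with `www.paypal.com`. The same allowlist can be enforced in the browser with the Content-Security-Policy `frame-src` directive.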