Tomcat
Professional
- Messages
- 2,689
- Reaction score
- 929
- Points
- 113
Cybercriminals have begun to use cloud video hosting in cyberattacks on supply chains. On real estate websites, attackers place a malicious script that steals data entered by visitors. We are talking about web skimmers, with the help of which hackers often steal information entered into forms on various popular sites.
The targets of hacking are often online stores where users are accustomed to purchasing goods. Specialists from the Unit42 division, owned by Palo Alto Networks, drew attention to the new campaign . According to them, cybercriminals used cloud video hosting to insert skimmer code into the video player. Thus, when the mentioned video player is embedded on the site, a malicious script is automatically added with it. In total, Unit42 researchers discovered more than 100 web resources compromised as part of this campaign.
Fortunately, experts notified the owners of the cloud video hosting service and helped remove the malicious code from the affected sites. However, these attacks are yet another reminder of the resourcefulness of modern cybercriminals. As experts noted, the affected video platform allows you to create players that can include JavaScript code for customization.
The affected real estate websites embedded a video player that used a static JavaScript file hosted on a remote server. Unit42 experts believe that attackers gained access to the file and modified it by adding a malicious web skimmer script. The malicious code is specially obfuscated so as not to arouse suspicion among users and security measures.
Last month we wrote about a web skimmer that was hidden in a Google Tag Manager container and found in 316 online stores. This tactic, according to cybersecurity experts, allowed the malware to remain hidden for months.
(c) https://www.anti-malware.ru/news/2022-01-05-1447/37904
The targets of hacking are often online stores where users are accustomed to purchasing goods. Specialists from the Unit42 division, owned by Palo Alto Networks, drew attention to the new campaign . According to them, cybercriminals used cloud video hosting to insert skimmer code into the video player. Thus, when the mentioned video player is embedded on the site, a malicious script is automatically added with it. In total, Unit42 researchers discovered more than 100 web resources compromised as part of this campaign.
Fortunately, experts notified the owners of the cloud video hosting service and helped remove the malicious code from the affected sites. However, these attacks are yet another reminder of the resourcefulness of modern cybercriminals. As experts noted, the affected video platform allows you to create players that can include JavaScript code for customization.
The affected real estate websites embedded a video player that used a static JavaScript file hosted on a remote server. Unit42 experts believe that attackers gained access to the file and modified it by adding a malicious web skimmer script. The malicious code is specially obfuscated so as not to arouse suspicion among users and security measures.
Last month we wrote about a web skimmer that was hidden in a Google Tag Manager container and found in 316 online stores. This tactic, according to cybersecurity experts, allowed the malware to remain hidden for months.
(c) https://www.anti-malware.ru/news/2022-01-05-1447/37904
