Tomcat
Professional
- Messages
- 2,695
- Reaction score
- 1,060
- Points
- 113
Earlier this year, researchers encountered two competing web skimmers on a French website. Now the trend is being continued by cybercriminals discovered by Visa, who are trying to steal profits from their colleagues. In February 2021, Malwarebytes specialists came across two malicious scripts that exploit vulnerabilities in the Magento platform. Moreover, it is interesting that the second script was downloaded from a third-party source and tried to intercept everything that the first one collected.
Now representatives of the Visa payment system have also noted the tendency of cybercriminals to try to take away loot from their “colleagues”. For example, attackers specifically look for resources already infected with web skimmers and inject their own malicious scripts there. As Visa told RIA Novosti, researchers identified at least 45 such campaigns throughout 2020. The same development was observed in 2021. Visa emphasized the role of the Telegram messenger, which criminals often use to manage attacks.
Director of the design department of the company "Gazinformservice" Alexander Kalita spoke about the new hacker trend: “The number of successful online stores and trading platforms with vulnerabilities is limited and finite. To increase their profits, attackers try to cover as large a volume of such trading platforms as possible.
Moreover, the number of vulnerable web applications and websites decreases over time, so it is not surprising that it has now reached the point where different hacker groups have begun to overlap with each other in capturing such points of interest. For ordinary Internet users, this does not in any way reduce the danger and degree of risk.
We can only recommend that owners of trading platforms review the web application code and conduct penetration testing of the site to eliminate threats from attackers. As for the Telegram application, it has rich capabilities in terms of pairing the Telegram channel and external programs.
This allows you to automate many actions, and most importantly achieve complete anonymity. The main thing to understand here is that Telegram is just a tool and the problem lies not in it, but in people who commit illegal actions.” Let us recall that this month experts found a web skimmer hidden in a GTM container in more than 300 online stores. It turned out that the attackers created their own GTM container with malicious content and quietly uploaded it to the hacked site.
(c) https://www.anti-malware.ru/news/2021-12-16-111332/37770
Now representatives of the Visa payment system have also noted the tendency of cybercriminals to try to take away loot from their “colleagues”. For example, attackers specifically look for resources already infected with web skimmers and inject their own malicious scripts there. As Visa told RIA Novosti, researchers identified at least 45 such campaigns throughout 2020. The same development was observed in 2021. Visa emphasized the role of the Telegram messenger, which criminals often use to manage attacks.
Director of the design department of the company "Gazinformservice" Alexander Kalita spoke about the new hacker trend: “The number of successful online stores and trading platforms with vulnerabilities is limited and finite. To increase their profits, attackers try to cover as large a volume of such trading platforms as possible.
Moreover, the number of vulnerable web applications and websites decreases over time, so it is not surprising that it has now reached the point where different hacker groups have begun to overlap with each other in capturing such points of interest. For ordinary Internet users, this does not in any way reduce the danger and degree of risk.
We can only recommend that owners of trading platforms review the web application code and conduct penetration testing of the site to eliminate threats from attackers. As for the Telegram application, it has rich capabilities in terms of pairing the Telegram channel and external programs.
This allows you to automate many actions, and most importantly achieve complete anonymity. The main thing to understand here is that Telegram is just a tool and the problem lies not in it, but in people who commit illegal actions.” Let us recall that this month experts found a web skimmer hidden in a GTM container in more than 300 online stores. It turned out that the attackers created their own GTM container with malicious content and quietly uploaded it to the hacked site.
(c) https://www.anti-malware.ru/news/2021-12-16-111332/37770
