Login

Register

Login

Register


At least 19 websites have fallen victim to a new data skimmer that appears to have been developed by threat group Magecart Group 7.

Dubbed ‘MakeFrame’ by researchers at RiskIQ, the new data skimmer has been spotted out in the wild in several different versions.

Researchers first came across the skimmer on January 24. Since then, MakeFrame has been spotted hosting skimming code, loading the skimmer on other compromised websites, and exfiltrating stolen data. 

“There are several elements of the MakeFrame skimmer that are familiar to us, but it’s this technique in particular that reminds us of Magecart Group 7,” wrote researchers.

RiskIQ has identified three distinct versions of the skimmer with varying levels of obfuscation, from clear JS code to encrypted obfuscation. Some of these appear to be dev versions running debug processes, one of which even includes a version number.

“Magecart Group 7 also used victim sites for skimmer development, as we observed when they compromised OXO in 2017 and twice in 2018,” said researchers.

The team at RiskIQ said the multiple versions of MakeFrame were evidence of threat actors’ constant hunt for new ways to cheat and steal from yet more victims. 

“This latest skimmer from Group 7 is an illustration of their continued evolution, honing tried and true techniques and developing new ones all the time. They are not alone in their endeavors to improve, persist, and expand their reach,” wrote researchers.

When studying the new threat, researchers noted that MakeFrame was targeting the same victim pool as Group 7. 

“Each of the [compromised] sites belongs to a small or medium-sized business, and none are particularly well known, with OXO being a bit of an outlier in their history.”

The nefarious data-stealing methods used by MakeFrame also echo those deployed by Magecart Group 7, sending stolen data as .php files to other compromised sites for exfiltration. 

Researchers noted that data-skimming attacks were on the rise at a time when people the world over are working and shopping from home as a result of the COVID-19 outbreak. 

“RiskIQ data shows Magecart attacks have grown 20% amid the COVID-19 pandemic. With many homebound people forced to purchase what they need online, the digital skimming threat to e-commerce is as pronounced as ever,” wrote researchers.  

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW