Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Online stores are being hijacked with fake forms to steal credit card details

Credit card information for sale

Cybersecurity researchers from Malwarebytes have discovered a new credit card information stealing campaign that uses complex, legitimate-looking payment forms that are very hard to spot for the average user.

The researchers spotted multiple online ecommerce stores being breached, and a modal being placed on top of their actual payment forms. 

The modals are HTML content overlaid over the top of the main webpage, which allows the user to interact with the login forms and notifications without leaving the site.

Hiding in plain sight

The modals look so good, (in some cases even being “better than the original”) that it’s almost impossible for the average user to discover anything amiss. In one of the campaigns, the researchers said, the modal displayed the site’s brand logo, correct language, and “elegant interface elements”.

Victims who try to buy something from these compromised websites would get a bogus error message which would redirect them to the actual payment URL to try and repeat the payment. That way hackers made sure their modals remained inconspicuous for as long as possible. The hackers would also plant a cookie on the endpoint of the victim, in order to prevent duplicate entries.

When it comes to discovering who the threat actors behind the campaign are, the jury is still out. Malwarebytes’ researchers speculate that it might be MageCart. However, they also said one of the victims was compromised by the Kritec campaign, which is a JavaScript skimmer Malwarebytes first found on Magento stores more thana year ago.

"It is possible multiple threat actors are involved in those campaigns and customizing skimmers accordingly," reads the report. "While many hacked stores had a generic skimmer, it appears the custom modals were developed fairly recently, maybe a month or two ago."

It seems we might have to go back to one-time private cards with charge limits, to prevent our hard-earned money from getting into the wrong hands.

Via: BleepingComputer

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.