We found skimming code hidden within the metadata of an image file (a form of steganography) and surreptitiously loaded by compromised online stores. However, it turned out to be different and even more devious. When we first investigated this campaign, we thought it may be another one of those favicon tricks, which we had described in a previous blog. Threat actors must have remembered that as they devised yet another way to hide their credit card skimmer in order to evade detection. They say a picture is worth a thousand words.
0 Comments
Leave a Reply. |