Cybercriminals use all kinds of tricks to try to legitimize malicious websites, files, emails, and other content in hopes of trapping unsuspecting users. A new malware campaign analyzed by cybersecurity firm Malwarebytes employs a particularly deceptive strategy to empower credit card skimming attacks.
In a card skimming campaign, hackers gain access to an e-commerce site and hide malicious code on that site. When a customer checks out and enters the credit card information to pay for the purchase, the card details are captured by the criminals behind the operation without the user’s knowledge.
In a blog post published Wednesday, Malwarebytes described the process through which one particular website is serving as a host for skimming attacks. On the surface, a site named myicons.net looks innocent enough as it offers images and icons for people to download. Among the images available are favicons, which are icons that appear on a website’s browser tab as a means of branding or identification.
Upon investigation, though, Malwarebytes discovered that the domain name of myicons.net was registered just a few days prior and hosted on a server previously identified as malicious. Further, myicons.net appropriated all its content from another site named iconarchive.com simply by pointing to that site within an HTML iframe.
Digging further, Malwarebytes found that several e-commerce sites were loading an Adobe Magento favicon from the myicons.net domain. Though the security firm suspected that this favicon was malicious, it was unable to find any extra code inside it. However, it did uncover malicious activity on the e-commerce sites that were loading the Magento favicon from myicons.net.
Instead of serving up…
Protection of critical cyber systems: Canada introduces new legislation under Bill C-26
On June 14, 2022 the Government of Canada introduced Bill C-26, An Act Respecting Cyber Se…
Schrems II Judgment Day
The Court of Justice of the European Union (“CJEU“) issued its judgment today in …
