Credit card stealers employ advanced evasion tactics in cyberattacks

May 31, 2022

Malicious threat groups employ advanced stealth tactics to make their credit card stealers undetectable by security solutions. Microsoft researchers stated that some recent skimming attacks that affected several individuals came from compromised HTML and JavaScript files with low detection rates.

The reports identified three distinct strategies in the surge of skimming attacks: script spoofing, scripts in images, and string concatenation. These techniques aim to make the skimmers stealthier and undetectable by AV solutions.

The threat actors use the string concatenation technique to obfuscate and load the skimmer from a domain they operate. They could do so through an implant placed on the targeted website.

Secondly, script spoofing masks the skimmers as Facebook Pixel or Google Analytics. The threat groups chose these tools because they are so widely used. Security detectors can also struggle to flag them, since most websites carry the same feature.

The third technique uses malicious image files, masked as favicons, that the threat actors upload to the target server. The payload, however, contains a PHP script with Base64-encoded JavaScript.
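One way a site owner could check stored favicon files for this third technique, as an added example that is not code from the Microsoft report or from this article. The function names, the `JS_HINTS` token list and the sample files are constructed for illustration.

```python
import base64
import re

# Leading bytes of formats commonly served as favicons (ICO, PNG, GIF, JPEG).
IMAGE_MAGIC = (b"\x00\x00\x01\x00", b"\x89PNG\r\n\x1a\n", b"GIF8", b"\xff\xd8\xff")
PHP_TAG = re.compile(rb"<\?(?:php|=)", re.IGNORECASE)
B64_RUN = re.compile(rb"[A-Za-z0-9+/]{40,}={0,2}")
# Heuristic token list (an assumption): marks a decoded blob as JavaScript.
JS_HINTS = (b"document.", b"window.", b"function", b"addEventListener", b"fetch(")


def decoded_js_blobs(data: bytes) -> list[bytes]:
    """Return Base64 runs in data that decode to JavaScript-looking text."""
    blobs = []
    for match in B64_RUN.finditer(data):
        raw = match.group(0).rstrip(b"=")
        if len(raw) % 4 == 1:          # one stray character: drop it
            raw = raw[:-1]
        raw += b"=" * (-len(raw) % 4)  # restore padding
        try:
            text = base64.b64decode(raw, validate=True)
        except ValueError:
            continue
        if any(hint in text for hint in JS_HINTS):
            blobs.append(text)
    return blobs


def scan_image(data: bytes) -> list[str]:
    """Return findings for a file that the server stores as an image."""
    findings = []
    if not data.startswith(IMAGE_MAGIC):
        findings.append("not-an-image")
    if PHP_TAG.search(data):
        findings.append("php-tag")
    if decoded_js_blobs(data):
        findings.append("base64-javascript")
    return findings


# Constructed, inert samples: a placeholder script, Base64-encoded inside PHP.
SAMPLE_JS = b'document.addEventListener("submit", function () { /* placeholder */ });'
SAMPLE_PHP = b'<?php echo base64_decode("' + base64.b64encode(SAMPLE_JS) + b'"); ?>'
FAKE_FAVICON = SAMPLE_PHP                                 # PHP under an image name
PADDED_FAVICON = IMAGE_MAGIC[0] + bytes(18) + SAMPLE_PHP  # real header, PHP appended
CLEAN_PNG = IMAGE_MAGIC[1] + bytes(64)

if __name__ == "__main__":
    for name in ("FAKE_FAVICON", "PADDED_FAVICON", "CLEAN_PNG"):
        print(name, scan_image(globals()[name]))
```

The checks are heuristics: a short sequence such as `<?=` can occur by chance in binary image data, so a finding is a reason to inspect the file, not proof of compromise.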

 

Credit card stealers are becoming more threatening as their operators upgrade their features and functions.

 

Credit card stealers can currently limit what cyber security threat detection products are able to catch while increasing the threat to consumers. As seen in the current attack, the malicious groups hide their code behind images, snippets, and web applications. These techniques are the result of the constant evolution of the threat landscape.

For now, experts suggest that website administrators or owners run the latest versions of their plugins and CMS and use active threat scanning and detection.

Customers are advised to use one-time-use private cards and strict payment limits to mitigate the effects of possible skimming attacks. These strategies can also counteract the actor's illegal activity and protect customers' money from any unwanted entity.
