Web payment card skimmers add anti-forensics capabilities

By GIXnews

Researchers have detected compromises on ecommerce sites with a new JavaScript-based payment card skimmer that uses anti-forensics techniques, including the ability to remove itself from the web page’s code after execution. Dubbed Pipka, the malicious script was found by researchers from Visa’s Payment Fraud Disruption (PFD) team on the site of a North American merchant that had been previously infected with a different skimmer called Inter. Further investigation uncovered another 16 online merchant sites infected with Pipka.

[ Get inside the mind of a hacker, learn their motives and their malware. | Sign up for CSO newsletters! ]

To read this article in full, please click here

Source:: IT news – Security