Cyber criminals have created a new type of malware on the web that hides inside the images used for buttons of social media, in order to steal informations Credit cards that are entered into payment forms in electronic stores.
The malware – known as web skimmer, or the Magecart script – was detected in online stores between June and September. It was a Dutch information security company Sanguine Security The first to be spotted.
A discovery This is a particular form of malware It indicates that the Magecart gangs are constantly developing their malicious tricks, With It has not been widely published.
On a technical level, the detected malware uses a technique known as “hiding information”. This technique refers to hiding information in another format, for example: hiding text inside pictures.
In the world of malware attacks, the method of masking information is usually used as a way to hide the malicious code from anti-virus programs, by placing the malicious code inside files that appear to be virus-free files.
Over the past years, the most common form of steganography attacks has been hiding malicious payloads inside image files, which are usually stored in PNG or JPG formats.
However, this technology has slowly seen some use among the Magecart scripts gangs, after previous cloaking attacks used website logos, product images, or preferred icons to hide payloads of malware.
And for those who want to protect themselves from this type of malware, users have very few options, as this type of code is usually invisible to them and very difficult to detect, even for professionals.
It is believed that the simplest way for shoppers to protect themselves from magecart scripts attacks is to use virtual cards designed for one-time payment.
Some banks or payment applications currently provide these cards, and it is the best way to deal with this malware on the Internet, as even if the attackers were able to record transaction details, credit card data is useless; Because they’re single-use.