The Redmond giant has shared details about the latest web skimming campaigns that utilize stealthy techniques. Microsoft warns users to be wary and deploy all preventive measures to prevent such web skimming attacks.
Hackers Switching Techniques To Hide Web Skimming Attacks – Says Microsoft
In a recent post, Microsoft has highlighted the changing techniques in the latest web skimming attacks. The tech giant pointed out how the attackers have improvised strategies to hide malicious codes to escape detection.
Web skimmers, famous for attacks from the Magecart group, are sneaky malware codes aiming to steal financial data and money. The attackers used to inject these codes into the target website’s pages by exploiting various vulnerabilities. With time, as detection techniques became common and more robust, the attackers also improvised their plans to perform stealthy attacks.
That’s what Microsoft now warns about. Briefly, the firm has mentioned three prominent means through which the threat actors now hide the web skimmers. One of the campaigns that Microsoft analyzed involved embedding obfuscated scripts in images. As stated in Microsoft’s post,
In one of the campaigns we’ve observed, attackers obfuscated the skimming script by encoding it in PHP, which, in turn, was embedded inside an image file—a likely attempt to leverage PHP calls when a website’s index page is loaded.
Moreover, they also observed some campaigns exploiting concatenated and encoded skimming host URLs and mimicking Meta Pixel (formerly ‘Facebook Pixel’) and Google Analytics scripts.
Recommendations For Defense Against Magecart Attacks
Besides, Microsoft also urged businesses and site owners to keep their websites, CMSs, and plugins up-to-date. Moreover, users should also ensure downloading any third-party plugins or tools from legitimate, official, and trusted sites.