New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Entry Level MageCart Style Card Skimming Kit Being Sold on Criminal Forum

Originally reported by ZDNet, an easily usable MageCart-style card skimming kit named Inter has been making the rounds on Darknet forums and marketplaces. Complete with sniffers, data extraction tools, various injection modes, and scripts targeting several of the marketplace platforms, this kit carries a price tag of $1300, or $1,000 with a 30/70 revenue split option. According to a report by RiskIQ, Inter has been used in over 1,500 skimmer infections and is one of the more popular card skimming kits available for threat actors.

Analyst Notes

Companies operating e-commerce sites should be aware of the rise in the prevalence of attacks that implant JavaScript code to steal payment card numbers from checkout pages. Carefully monitoring and validating all changes to websites, as well as monitoring servers for any unauthorized logins or unexpected activity, is important to protect sites from this type of attack. Since many card skimming attacks originate from poor vulnerability management on WordPress sites, Binary Defense recommends ensuring that all plugins and themes are up to date. Additionally, from the consumer side, Binary Defense recommends the use of virtual credit cards, which are uniquely generated credit cards that can act as a proxy during online shopping. This method will help protect consumers from credit card theft.