Researchers at RiskIQ recently identified a new strain of e-skimming malware. The malware is similar to Grelos, which is commonly associated with Magecart. This time, the code has been rehashed and encoded numerous times to include a loader and skimmer. This specific strain is believed to have been used in the attack on mobile phone service provider Boom! Mobile, which was also traced back to the Fullz House group. This group formed from the coming together of threat actors that specialized in phishing and skimming. “In several recent Magecart compromises, we have seen increasing overlaps in infrastructure used to host various skimmers that are unrelated in terms of the techniques and code structures they employ,” stated RiskIQ. The Grelos malware has been consistently linked to Magecart Groups 1 and 2. We will know soon whether this Grelos-like strain will be used more commonly, since the holidays are right around the corner and online shopping will be at its peak.