A new JavaScript skimmer dubbed Pipka attacks eCommerce websites to steal the payment data entered into online payment forms of the websites. It extracts details such as payment account number, expiration date, CVV, and cardholder name and address, from the checkout pages. The Pipka found to be installed on more than sixteen eCommerce websites, the attack campaign detected by Visa Payment Fraud Disruption’s (PFD) eCommerce Threat Disruption (eTD) program. Pipka Play Around Stealthy The use of web skimmers emerges as a turnkey business for cybercriminals and they continue to target online stores to exfiltrate users’ payment card details. Pipka has a special ability when compared to other online skimmers, it is capable of removing itself from the HTML codes of the compromised website once it completes the execution. This new interesting feature gives pipka an ability to play around stealthy and it marks a significant development in JavaScript skimming . Threat actors
The Hacks001 blog is the most popular, independent and trusted source for the latest news headlines on cybersecurity, hacking, computer security, cybercrime, privacy, vulnerabilities and technology for all businesses, information security professionals and hackers worldwide.