Web skimming is a practice used by hackers to steal users’ credit card details from online stores’ payment pages by injecting pieces of code into the websites’ source code. This malicious code then collects the data that unsuspecting shoppers enter (such as payment account logins or credit card numbers) and sends it back to the attacker.

Researchers at Kaspersky, the cybersecurity and antivirus company, have now revealed a new technique that is being used to steal users’ payment information.

The attackers register domains with names that resemble popular web analytics services that site administrators trust, such as Google Analytics. When the malicious code is injected, the familiar-looking name hides from the site administrator the fact that the webpage has been compromised. One example is the domain name “goglc-analytics . com”.

“This is a technique we have not seen before and one that is particularly effective. Google Analytics is one of the most popular web analytics services out there. The vast majority of developers and users trust it, meaning it’s frequently given permission to collect user data by the site administrator,” says Victoria Vlasova, Senior Malware Analyst at Kaspersky.

“That makes malicious injects containing Google Analytics accounts inconspicuous – and easy to overlook. As a rule, administrators should not assume that, just because the third-party resource is legitimate, its presence in the code is ok,” she concludes.

Kaspersky researchers say that they have also noticed another new technique for conducting web skimming attacks. Rather than redirecting the data to third-party sources, the attackers redirected it to official Google Analytics accounts.


Because the data isn’t being directed to an unknown third-party resource, it’s difficult for administrators to realize the site has been compromised. For those examining the source code, it just appears as if the page is connected with an official Google Analytics account – a common practice for online stores.
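Both techniques described above can be checked for when reviewing a page's source. The following is an added example, not code from Kaspersky or from the original article: it flags script hosts that are near-misses of trusted analytics domains and Google Analytics property IDs that are not the store's own. The trusted-domain list, the property IDs and the sample page are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed for this example: the analytics domains the store really uses and
# the one Google Analytics property ID its owner registered (constructed).
TRUSTED_DOMAINS = {"google-analytics.com", "googletagmanager.com"}
OWN_GA_IDS = {"UA-1111111-1"}
GA_ID_RE = re.compile(r"\bUA-\d{4,10}-\d{1,4}\b|\bG-[A-Z0-9]{6,12}\b")

def edit_distance(a, b):  # Levenshtein distance, computed row by row
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

class ScriptHosts(HTMLParser):  # collects the domain of every <script src=...>
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") if tag == "script" else None
        host = urlparse(src).hostname if src else None
        if host:
            # Naive registrable domain (last two labels); fine for .com hosts.
            self.hosts.append(".".join(host.lower().split(".")[-2:]))

def audit(html, max_distance=3):
    parser = ScriptHosts()
    parser.feed(html)
    findings = []
    for dom in parser.hosts:
        if dom in TRUSTED_DOMAINS:
            continue
        for good in sorted(TRUSTED_DOMAINS):
            if edit_distance(dom, good) <= max_distance:
                findings.append(("lookalike-domain", dom, good))
    # Data sent to the real service: only the property ID reveals a foreign account.
    for ga_id in sorted(set(GA_ID_RE.findall(html)) - OWN_GA_IDS):
        findings.append(("foreign-ga-id", ga_id, None))
    return findings

# Constructed page source; the lookalike domain is the one named in the article.
SAMPLE = """<script src="https://www.google-analytics.com/analytics.js"></script>
<script src="//goglc-analytics.com/ga.js"></script>
<script>ga('create', 'UA-1111111-1'); ga('create', 'UA-2222222-1');</script>"""
```

Calling `audit(SAMPLE)` reports the lookalike domain and the second property ID. A clean result only means these two checks passed, not that the page is free of injected code.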


Nigel Jr.
As a tech enthusiast and expert, Nigel Jr. is dedicated to providing in-depth and insightful content on all things technology. With a background in online journalism, product reviewing, and tech creation, Nigel has become a trusted source for all things tech.
