An investigation by Dutch developer Willem de Groot revealed that a host of online stores have been compromised and are stealing users’ credit card details.
De Groot says hackers gained access to the source code using unpatched security flaws.
Once a store is under control of a cybercriminal, a JavaScript wiretap is installed that funnels live payment data to an offshore collection server (mostly in Russia).
“This wiretap operates transparently for customers and the merchant. Skimmed credit cards are then sold on the dark Web,” says De Groot.
He adds that online skimming is very effective, because it is hard to detect and it is near impossible to trace the thieves.
Hackers have installed credit card skimming scripts on thousands of online stores, including numerous South African platforms, according to a recent article by MyBroadband.
Read the full article on My Office Magazine: Credit card skimming hits online stores