Latest in Gear

Image credit: alexialex via Getty Images

Hackers are hiding virtual credit card skimmers in image file metadata

They're using a vulnerability in a WordPress plugin.
Marc DeAngelis
June 26, 2020
406 Shares
Share
Tweet
Share

Sponsored Links

stack of multicolored credit cards, close up view with selective focus
alexialex via Getty Images

Lots of people know to check ATMs and gas station credit card readers for skimmers, but it’s harder to tell when virtual ones are hidden them in websites’ payment portals. According to research from Malwarebytes, hackers put Magecart JavaScript code into the EXIF metadata of image files, which is then loaded and executed by compromised stores. Hiding malicious code inside of images is nothing new, but it’s the first time security researchers have seen them used to obscure credit card skimmers.

A recent trend among hackers has been to hide malicious code in favicons -- those icons you see in the corner of a browser tab. Malwarebytes says that it first assumed the exploit it was researching was a variation on this type of attack, but further analysis revealed it was something else entirely. The company found that the malicious code was loaded via the WooCommerce plugin for WordPress. This is an increasingly popular target among hackers, thanks to its wide market share. When loaded, it grabs payment information, such as the customer’s name, address and credit card details.

This is an important reminder that malware can be hidden anywhere. And with the ubiquity of JavaScript code, just about any device can be exploited if the proper precautions aren’t taken.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
406 Shares
Share
Tweet
Share

Popular on Engadget

'NBA 2K21' comes with a next-gen upgrade... if you spend $100

'NBA 2K21' comes with a next-gen upgrade... if you spend $100

View
Windows 10's Start menu is getting a visual refresh

Windows 10's Start menu is getting a visual refresh

View
Samsung is selling a wireless charger that also sterilizes your phone

Samsung is selling a wireless charger that also sterilizes your phone

View
Will gallium nitride electronics change the world?

Will gallium nitride electronics change the world?

View
Best Buy sale knocks 50 percent off a TCL 8-series Roku TV

Best Buy sale knocks 50 percent off a TCL 8-series Roku TV

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr