A new innovation for cyber criminals … “hackers” steal your card information

A new innovation for cyber criminals … “hackers” steal your card information

As retailers and e-store apps script domains are trusted

Researchers at cyberspace company Sansec discovered a new way by hackers using Google tools to steal e-commerce shoppers’ credit card details.

While the company was analyzing the data, researcher Eric Brundle found hackers using JavaScript code to be injected into online store websites. Where these codes steal payment orders and personal information entered by users on these sites and transfer them to a server controlled by cybercriminals under the purview of “Google’s Apps Script”.

According to popular reports: A malicious script embedded by hackers on e-commerce sites accepts the payment information entered by the user and sends it to a dedicated Google Apps script application as encrypted data, then the data is encrypted Such as redirected to the server. Technology controlled by hackers.

Attackers counter their malicious activity with malware detection solutions and a Content Security Policy (CSP).

And according to the UAE Ram news website: security researcher found that cyber criminals are taking advantage of the fact that retailers and all online stores consider Google’s apps script domain to be reliable, and insisted that web developers should let CSP attackers And as a counter notification should promote security holes, all domains Google sub warning right now.

This is not the first time that hackers have taken advantage of Google’s domain and services reputation. Last year, Sansec detected a fully-fledged hacking campaign on Google’s servers, sending stolen credit card information to Google Analytics, which tracks visitor traffic and reports about it.

A new innovation for cyber criminals … “Hackers” stole credit card information with Google app

READ  Amazon delays Primary Working day until finally Oct due to coronavirus


before this

Researchers at cyberspace company Sansec discovered a new way by hackers using Google tools to steal e-commerce shoppers’ credit card details.

While the company was analyzing the data, researcher Eric Brundle found hackers using JavaScript code to be injected into online store websites. Where these codes steal payment orders and personal information entered by users on these sites and transfer them to servers controlled by cybercriminals within the scope of “Google’s Apps Script”.

According to popular reports: A malicious script embedded by hackers on e-commerce sites accepts the payment information entered by the user and sends it to a dedicated Google Apps script application as encrypted data, then the data is encrypted Such as redirected to the server. Technology controlled by hackers.

Attackers counter their malicious activity with malware detection solutions and a Content Security Policy (CSP).

And according to the UAE Ram news website: security researcher found that cyber criminals are taking advantage of the fact that retailers and all online stores consider Google’s apps script domain to be reliable, and insisted that web developers should let CSP attackers And as a counter notification should promote security holes, all domains Google sub warning right now.

This is not the first time that hackers have taken advantage of Google’s domain and services reputation. Last year, Sansec detected a fully-fledged hacking campaign on Google’s servers, sending stolen credit card information to Google Analytics, which tracks visitor traffic and reports about it.


As retailers and e-store apps script domains are trusted

Researchers at cyberspace company Sansec discovered a new way by hackers using Google tools to steal e-commerce shoppers’ credit card details.

While the company was analyzing the data, researcher Eric Brundle found hackers using JavaScript code to be injected into online store websites. Where these codes steal payment orders and personal information entered by users on these sites and transfer them to a server controlled by cybercriminals under the purview of “Google’s Apps Script”.

According to popular reports: A malicious script embedded by hackers on e-commerce sites accepts the payment information entered by the user and sends it to a dedicated Google Apps script application as encrypted data, then the data is encrypted Such as redirected to the server. Technology controlled by hackers.

Attackers counter their malicious activity with malware detection solutions and a Content Security Policy (CSP).

And according to the UAE Ram news website: security researcher found that cyber criminals are taking advantage of the fact that retailers and all online stores consider Google’s apps script domain to be reliable, and insisted that web developers should let CSP attackers And as a counter notification should promote security holes, all domains Google sub warning right now.

This is not the first time that hackers have taken advantage of Google’s domain and services reputation. Last year, Sansec detected a fully-fledged hacking campaign on Google’s servers, sending stolen credit card information to Google Analytics, which tracks visitor traffic and reports about it.

About the author: Seth Grace

"Social media trailblazer. Music junkie. Evil student. Introvert. Typical beer fan. Extreme web ninja. Tv fanatic. Total travel evangelist. Zombie guru."

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *