Researchers over at cybersecurity company Kaspersky have discovered a new method used by attackers to steal payment details—including credit card information—from e-commerce websites. What’s worrying is that the technique involves Google Analytics accounts, with an estimated 24 websites already affected.
Victoria Vlasova, Senior Malware Analyst at Kaspersky, explains that this method of attack is a new discovery, and the widespread use of Google Analytics makes it even more dangerous:
“This is a technique we have not seen before, and one that is particularly effective. Google Analytics is one of the most popular web analytics services out there. The vast majority of developers and users trust it, meaning it’s frequently given permission to collect user data by site administrators.”
Web skimming isn’t exactly new, with Kaspersky explaining that the technique has been used to steal payment information from online stores in the past. Basically, malicious code is inserted into the source code of a e-commerce website, which then collects users’ payment details, before sending them back to the hackers.
Usually, these attackers use domain names that appear to be legitimate, often with a single letter that indicates the fakeness of the domain (ie. googlee-analytics). But with this new method of web skimming, Kaspersky says that the data is actually rerouted to official Google Analytics accounts—which makes the attack even more difficult to detect.
These malicious parties register real accounts with Google Analytics, redirect users’ credit card info via the inserted malicious code to their accounts, and then configure the accounts to collect private user data. As an extra safeguard against detection from domain holders (for e-commerce and other affected sites), the attackers’ code ensures that if a site administrator attempts to debug a website’s source code, the attackers’ previously inserted code is not executed (and thus, isn’t detected).
Google has been notified about the vulnerability, with preventive measures expected sometime soon from the search engine giants. In the meantime, Kaspersky recommends using a reliable security solution that has the capability to detect (and block) malicious code from being executed.
Kaspersky’s own Security Cloud solution does this, while it can also disable Google Analytics from being used altogether. However, it’s worth noting that Google Analytics is a tool that is used by millions of websites all around the world to track domain metrics, and until a permanent solution is found, site domain administrators will have to be extra wary when examining a site’s source code.
To find out more about web skimming, click here.
GXBank recently marked its second anniversary with more than one million Malaysians onboard, cementing its…
Realme has just launched a new budget-oriented mid-range smartphone in Malaysia, the Realme C85 5G.…
This post is brought to you by sooka. sooka pulled a lively crowd to Pavilion…
Infinix has just announced its strategic partnership with Pininfarina for its upcoming flagship smartphones, revealed…
During Proton's Tech Showcase, the national carmaker has also highlighted its digital and connected automotive…
Digital Nasional Berhad (DNB), Malaysia's first 5G network, will soon transform into a fully private…
This website uses cookies.