Researchers over at cybersecurity company Kaspersky have discovered a new method used by attackers to steal payment details—including credit card information—from e-commerce websites. What’s worrying is that the technique involves Google Analytics accounts, with an estimated 24 websites already affected.
Victoria Vlasova, Senior Malware Analyst at Kaspersky, explains that this method of attack is a new discovery, and the widespread use of Google Analytics makes it even more dangerous:
“This is a technique we have not seen before, and one that is particularly effective. Google Analytics is one of the most popular web analytics services out there. The vast majority of developers and users trust it, meaning it’s frequently given permission to collect user data by site administrators.”
Web skimming isn’t exactly new, with Kaspersky explaining that the technique has been used to steal payment information from online stores in the past. Basically, malicious code is inserted into the source code of a e-commerce website, which then collects users’ payment details, before sending them back to the hackers.
Usually, these attackers use domain names that appear to be legitimate, often with a single letter that indicates the fakeness of the domain (ie. googlee-analytics). But with this new method of web skimming, Kaspersky says that the data is actually rerouted to official Google Analytics accounts—which makes the attack even more difficult to detect.
These malicious parties register real accounts with Google Analytics, redirect users’ credit card info via the inserted malicious code to their accounts, and then configure the accounts to collect private user data. As an extra safeguard against detection from domain holders (for e-commerce and other affected sites), the attackers’ code ensures that if a site administrator attempts to debug a website’s source code, the attackers’ previously inserted code is not executed (and thus, isn’t detected).
Google has been notified about the vulnerability, with preventive measures expected sometime soon from the search engine giants. In the meantime, Kaspersky recommends using a reliable security solution that has the capability to detect (and block) malicious code from being executed.
Kaspersky’s own Security Cloud solution does this, while it can also disable Google Analytics from being used altogether. However, it’s worth noting that Google Analytics is a tool that is used by millions of websites all around the world to track domain metrics, and until a permanent solution is found, site domain administrators will have to be extra wary when examining a site’s source code.
To find out more about web skimming, click here.
Malaysia Airlines has temporarily grounded its brand new Airbus A330neo after completing four commercial flights.…
Pro-Net recently revealed that you only need to service the new Proton e.MAS 7 EV…
The Proton e.MAS 7 is one of the most value for money SUVs at the…
Samsung has announced that it will be holding its press conference titled "AI for All:…
Modern smartphones are very capable computing devices, thanks to powerful hardware trickling down the price…
If you're a CelcomDigi Postpaid 5G customer and can't get fibre broadband for your home,…
This website uses cookies.