Categories: NewsTech

Kaspersky: Online shoppers’ credit card details at risk to new “web skimming” hack via Google Analytics

Researchers over at cybersecurity company Kaspersky have discovered a new method used by attackers to steal payment details—including credit card information—from e-commerce websites. What’s worrying is that the technique involves Google Analytics accounts, with an estimated 24 websites already affected.

Victoria Vlasova, Senior Malware Analyst at Kaspersky, explains that this method of attack is a new discovery, and the widespread use of Google Analytics makes it even more dangerous:

“This is a technique we have not seen before, and one that is particularly effective. Google Analytics is one of the most popular web analytics services out there. The vast majority of developers and users trust it, meaning it’s frequently given permission to collect user data by site administrators.”

But first: What is web skimming?

Web skimming isn’t exactly new, with Kaspersky explaining that the technique has been used to steal payment information from online stores in the past. Basically, malicious code is inserted into the source code of a e-commerce website, which then collects users’ payment details, before sending them back to the hackers.

Usually, these attackers use domain names that appear to be legitimate, often with a single letter that indicates the fakeness of the domain (ie. googlee-analytics). But with this new method of web skimming, Kaspersky says that the data is actually rerouted to official Google Analytics accounts—which makes the attack even more difficult to detect.

These malicious parties register real accounts with Google Analytics, redirect users’ credit card info via the inserted malicious code to their accounts, and then configure the accounts to collect private user data. As an extra safeguard against detection from domain holders (for e-commerce and other affected sites), the attackers’ code ensures that if a site administrator attempts to debug a website’s source code, the attackers’ previously inserted code is not executed (and thus, isn’t detected).

How to protect yourself, and your credit card information

Google has been notified about the vulnerability, with preventive measures expected sometime soon from the search engine giants. In the meantime, Kaspersky recommends using a reliable security solution that has the capability to detect (and block) malicious code from being executed.

Kaspersky’s own Security Cloud solution does this, while it can also disable Google Analytics from being used altogether. However, it’s worth noting that Google Analytics is a tool that is used by millions of websites all around the world to track domain metrics, and until a permanent solution is found, site domain administrators will have to be extra wary when examining a site’s source code.

To find out more about web skimming, click here.

Recent Posts

Gentari x MBPP turn on 120kW DC Charger near Maybank Tanjung Bungah

Gentari x MBPP continue to deploy more street-level EV chargers on the Island and the…

9 hours ago

Proton S70 revealed as the official Madani Taxi: A modern makeover for Malaysia’s taxi

Prime Minister Anwar Ibrahim has revealed the Proton S70 1.5T i-GT Premium which was launched…

13 hours ago

Not just for EVs: Malaysian taxis are getting the new JPJePlate

Two years ago, the Road Transport Department (JPJ) introduced the JPJePlate which sets the new…

18 hours ago

Why some ATMs are still charging RM1 for cash withdrawals despite the fee waiver

Effective 1st July 2026, Malaysians can make unlimited ATM cash withdrawals for free at over…

19 hours ago

JomCharge x DBKL turn on new 100kW DC Charger at Kuchai lama

JomCharge x DBKL continue to turn on more street-level EV charging locations in Kuchai Lama…

23 hours ago

Porsche Taycan and Macan EV prices surge in Malaysia: Up to RM410k higher

Porsche has recently updated the price of its EV lineup in Malaysia, and the changes…

2 days ago

This website uses cookies.