Cyber Security News

440+ Online Shops Hacked to Install Credit Card Stealing Malware

Threat actors have been identified to have compromised more than 440+ online merchants to steal customers’ credit card or payment data. It has been discovered that threat actors have been using the digital sniping technique to steal these data.

However, all the merchants have been notified about this compromise and recommended to take necessary actions to prevent these attacks. Europol and Group-IB have acted together alongside ENISA and EMPACT in gathering the threat intelligence data for this operation.

17 Countries and 132 Sniffers

According to the reports shared with Cyber Security News, the threat intelligence data gathered about this Digital Skimming attack revealed that threat actors have been using JavaScript sniffers on compromised websites to collect payment data.

23 Detected sniffer families were found, inclusive of ATMZOW, health_check, FirstKiss, FakeGA, AngryBeaver, Inter, and R3nin, which were used against companies in 17 different countries in the European Union, including Colombia, Croatia, Finland, Germany, Georgia, Hungary, Moldova, Netherlands, Poland, Romania, Spain, United Kingdom, and the United States.

Data Theft Goes Unnoticed Often

Digital Skimming goes unnoticed for a long period as the collected data could be used by threat actors by any means. Most often, they are sold in Darknet marketplaces, which are then used by other underground cybercriminals for illicit transactions.

Moreover, Customers and Merchants cannot know that their data was compromised unless an illegal transaction has been made. This operation was conducted after several information was collected about the threat actors.

The collected threat intelligence data comprises infected websites, detected malware signatures, the extracted domains, gates, and URLs used by attackers to collect data or load other malware, as well as instructions on where to find the malware used to launch digital skimming attacks.

Furthermore, a complete report about this operation has been published, providing detailed information about the operations, actions, and other information.


Eswar is a Cyber security reporter with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is reporting data breach, Privacy and APT Threats.

Recent Posts

LATRODECTUS Loader Getting Popular Among Cybercriminals, Is It Replacing ICEDID!

Hackers use loaders to bypass security measures and run harmful code in a genuine process's…

2 hours ago

30+ Tesla Cars Hacked Using Third-Party Software

A security researcher identified a vulnerability in TeslaLogger, a third-party software used to collect data…

2 days ago

How to Use Threat Intelligence Feeds for SOC/DFIR Teams

Threat intelligence feeds provide real-time updates on indicators of compromise (IOCs), such as malicious IPs…

2 days ago

YARA-X, The Malware Researchers Toolbox Evolved

Malware experts all over the world can't do their jobs without YARA. YARA has been…

2 days ago

SugarGh0st RAT Attacking Organizations & Individuals in AI Research

The cybersecurity company Proofpoint has found a new operation using the SugarGh0st Remote Access Trojan…

2 days ago

New Cyber Attack Targeting Facebook Business Accounts

The email campaign impersonates the Facebook Ads Team to trick users into clicking a malicious…

2 days ago