Card Stealer Malware Uses New Evasion Technique
August 4, 2021
August 4, 2021 Twitter Get Permission A new card stealer malware campaign that loads JavaScript malware from blocked domain lists to evade detection is targeting e-commerce sites that run Adobe s Magento software, security firm Sucuri reports.
Sucuri says one of its clients reported receiving warnings from its antivirus program when navigating to its checkout page. Researchers then found that threat actors were loading the JavaScript from at least 60 blocked domains that had been blacklisted for distributing carding malware.
The threat actors further obfuscated the malicious script by making it appear like JavaScript tied to a website animation component.