Jerome Segura

March 11, 2020

Crafty Web Skimming Domain Spoofs “https”

This post was originally published on this siteEarlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data. While such Web site card skimming attacks are not new, this intrusion leveraged a sneaky new domain that hides quite easily in a hacked site’s source code: “http[.]ps” (the actual malicious domain does not include the brackets, which are there to keep readers from being able to click on it). This crafty domain was hidden inside the checkout and login […]