New JavaScript Skimmer Found on E-Commerce Sites


New JavaScript Skimmer Found on E-Commerce Sites (Nov 15, 2019)

Researchers at VISA have uncovered a new JavaScript Skimmer found on e-commerce sites. The new skimmer has been labelled “Pipka”. Pipka is designed to steal payment information. The JavaScript skimmer has been detected on at least 27 e-commerce sites. The skimmer attempts to steal card numbers, expiration date, card verification value (CVV) number and name and address of the victim. VISA researchers have not attributed the skimmer to any particular criminal group.

Recommendation: E-commerce sites should make efforts to check the code on their sites for any compromise in the codes integrity. Organisations can put in place controls to detect whether any data is being sent out to online locations that are out of the ordinary upon customer checkout. Controls can check the network communication against known malicious C2 data.

Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.