In this specific case, the researchers discovered that when a user visits the compromised website, the skimmer loads the payment overlay and asks the user to enter payment information.
“Online shopping activity is constantly increasing due to its ease of use, digital transformation and convenience. Skimmer groups continue to infect e-commerce sites in large numbers and improve their techniques to stay undetected,” the report concludes. “Historically, Magento e-commerce sites have been the most targeted victims of skimmer attacks. When using an e-commerce website, be sure to only use known and legitimate platforms.
Follow me on Twitter: @securityaffairs and Facebook
(Security cases – hacking, Log4Shell)