Crafty Web Skimming Domain Spoofs “https”
Credit to Author: BrianKrebs| Date: Thu, 12 Mar 2020 00:28:57 +0000
Earlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data. While such Web site card skimming attacks are not new, this intrusion leveraged a sneaky new domain that hides quite easily in a hacked site’s source code: “http[.]ps” (the actual malicious domain does not include the brackets, which are there to keep readers from being able to click on it).
Read more