• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Azorult Malware – Active IoCs
November 18, 2019
Rewterz Threat Advisory – CVE-2019-13945 – ICS: Undocumented access feature in Siemens SIMATIC PLCs Code Execution Vulnerability
November 18, 2019

Rewterz Threat Alert – New JavaScript Skimmer Found on Ecommerce Sites

November 18, 2019

Severity

Medium

Analysis summary

Security researchers at Visa have uncovered a new type of JavaScript skimmer that has infected the online checkout pages for at least 17 ecommerce websites in an effort to steal payment card data. This newly discovered skimmer, dubbed “Pipka,” has the ability to remove itself from the HTML of a compromised payment website after it executes, enabling it to avoid security detection, according to the Visa researchers.

After first finding Pipka, the Visa researchers discovered the skimmer on at least 16 other online checkout pages at ecommerce sites. As with other skimmers, Pipka is designed to extract payment card account number, expiration date, card verification value number, cardholder name and address.

visaskimmercode.jpg

The creators of Pipka incorporated the self-removal technique as an extra layer of defense against security software. And while this type of avoidance technique has been spotted with desktop malware, it has not been previously incorporated into JavaScript skimmers.

Impact

Financial loss

Remediation

  • Ensure the e shopping cart, other services, and all software are upgraded or patched regularly.
  • Scan and test for vulnerabilities or malware regularly.
  • Implementation of best practices for securing e commerce.
  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.