Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server

Criminals set up fraudulent infrastructure that looks like a typical content delivery network—except it isn’t. Behind it hides a credit card skimmer injected into Magento online stores.

The post Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server appeared first on Malwarebytes Labs.

WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation

We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we’ve seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight.

The post WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation appeared first on Malwarebytes Labs.

New evasion techniques found in web skimmers

As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.

The post New evasion techniques found in web skimmers appeared first on Malwarebytes Labs.

Hundreds of counterfeit online shoe stores injected with credit card skimmer

A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.

The post Hundreds of counterfeit online shoe stores injected with credit card skimmer appeared first on Malwarebytes Labs.

New version of IcedID Trojan uses steganographic payloads

We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.

The post New version of IcedID Trojan uses steganographic payloads appeared first on Malwarebytes Labs.

The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT

Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.

The post The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT appeared first on Malwarebytes Labs.

Magecart Group 4: A link with Cobalt Group?

Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

The post Magecart Group 4: A link with Cobalt Group? appeared first on Malwarebytes Labs.

The Hidden Bee infection chain, part 1: the stegano pack

The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

The post The Hidden Bee infection chain, part 1: the stegano pack appeared first on Malwarebytes Labs.