The BlackBerry Research and Intelligence Team discovered a financially motivated skimming campaign targeting online businesses based in the Asia Pacific, North America, and South America. The team attributed the year-long campaign to a threat actor with significant Chinese language experience.

The “Silent Skimmer” campaign targeted the payment checkout page and attempted to swipe customers’ sensitive payment data as they finalized online purchases. The threat actor employed open-source tools and living-off-the-land techniques to maintain post-exploitation access and code execution capabilities on target websites. Further analysis revealed that the threat actor chose virtual private servers for C2 purposes according to the location of victim websites to increase stealthiness. This also indicates the campaign was opportunistic and did not target a specific region.

Read More:

https://thehackernews.com/2023/10/silent-skimmer-year-long-web-skimming.html