In a coordinated international effort led by Greece, law enforcement agencies from 17 countries have notified over 400 online merchants about digital skimmer infections. The operation, supported by Europol and Group-IB, identified two dozen new digital skimmers, also known as JavaScript-sniffers, which cybercriminals inject into legitimate websites to steal personal and credit card information. Group-IB, a threat intelligence firm, highlights the prevalence of 132 digital skimmer families to date. Some of the identified skimmers in this operation include AngryBeaver, ATMZOW, FirstKiss, FakeGA, health_check, Inter, and R3nin. Digital skimming, a practice that has grown in scale and sophistication, involves extracting credit card details from infected websites, and both Europol and Group-IB warn that the theft may go unnoticed for an extended period. The stolen payment card data is often sold to other cybercriminals or used for various fraudulent activities, including checking the validity of the information through illicit services. Earlier this year, a Russian national was charged in the US for operating such a service, estimated to have checked millions of cards annually.
Read more: https://www.securityweek.com/police-warn-hundreds-of-online-merchants-of-skimmer-infections/