Crooks abuse Google Analytics to conceal theft of payment card data

reader comments

18 with 15 posters participating, including story author

Hackers are abusing Google Analytics so that they can more covertly siphon stolen credit card data out of infected ecommerce sites, researchers reported on Monday.

Payment card skimming used to refer solely to the practice of infecting point-of-sale machines in brick-and-mortar stores. The malware would extract credit card numbers and other data. Attackers would then use or sell the stolen information so it could be used in payment card fraud.

More recently, these sorts of attacks have expanded to use against ecommerce sites after hackers have compromised them. Hackers use the control they gain to install unauthorized code that runs deep inside the back-end system that receives and processes payment card date during an online transaction. The malicious code then copies the data.

Under the radar

One challenge in pulling off the hack is bypassing website security policies or concealing the exfiltration of massive amounts of sensitive data from endpoint security applications installed on the infected network. Researchers from Kaspersky Lab on Monday said that they have recently observed about two dozen infected sites that found a novel way to achieve this. Instead of sending it to attacker-controlled servers, the attackers send it to Google Analytics accounts they control. Since the Google service is so widely used, ecommerce site security policies generally fully trust it to receive data.

“Google Analytics is an extremely popular service (used on more than 29 million sites, according to BuiltWith) and is blindly trusted by users,” Kaspersky Lab researcher Victoria Vlasova wrote

Continue reading – Article source

Similar Posts:

• Why do you need a security certificate
• Easy and personalized, a money account according to AMAAR MANAGEMENT LTD
• Amazing Benefits of Webhosting
• The basics of web security
• NAS sinology storage for you