The number of e-commerce sites infected with malware continues to increase. According to an investigation revealed by an ethical hacker from the International Institute of Cyber Security, at least seven sites (which have more than half a million visitors per month) have been infected with a new variant of payment card theft malware.
Fila.co.uk, one of the compromised sites, would have been infected since last November; according to the ethical hacker, the company had not been able to remove the malware from their systems until a couple of days ago. The other compromised sites identified so far are:
The ethical hacker mentioned that the stolen information is sent to a domain that has been active since last May, so the malware (nicknamed OGM) is likely to have been active ever since. OGM compresses the skimmer into a tiny space and remains inert when it detects that the anti-virus protections of the compromised computer are activated.
This research was revealed half a year after a similar malware infected the systems of companies like British Airways or Ticketmaster. Since then, several groups of cyber criminals have been identified specializing in the theft of payment cards.
Despite not being something new, this kind of attack continues to gain popularity; even a case where the compromised website had been infected by two different variants of skimmers was detected.
Cybersecurity experts believe that the increase in this kind of attack could be related to the fall that the value of Criptomonedas has suffered. Since the virtual asset mining is no longer profitable for hackers, they resort to other classes of cyberattack
Experts emphasize the need for trade websites to implement the necessary measures to protect their systems: “Cases such as Ticketmaster, British Airways or Fila show that any company may be the victim of an incident such as this”, the experts added.