Cybercriminals Exploit Legitimate Websites for Credit Card Theft

A new Magecart-style skimming campaign has been spotted in the wild wherein threat actors host their malicious codes on legitimate sites and inject malicious code on e-Commerce sites in the next phase of the attack. To further enhance the stealthiness of their attack, the threat actors have employed Base64 encoding to obfuscate the credit card skimmer.