Black Friday and Cyber Monday are fast approaching, and concerns about credit card skimming are on the rise. Malwarebytes, an anti-malware provider, has issued a warning about the potential increase in this type of identity theft in the coming weeks. According to a post by Malwarebytes Labs on November 14, 2023, criminals are expected to step up their efforts to steal credit card information from ATMs, payment terminals, and compromised websites.
One specific credit card skimming campaign, known as Kritec, has gained momentum in recent months. Kritec is a type of skimmer that was first identified by Akamai in March 2023 and attributed to Magecart, a group of hackers that uses online skimming techniques to steal personal data from websites. Malwarebytes has observed several differences from previous Magecart skimming campaigns and attributed them to a different threat actor named Kritec. This malicious JavaScript code is injected into legitimate websites, particularly those using the Magento e-commerce platform, and hides within the Google Tag Manager script, making it challenging for security solutions to detect. When a customer enters their credit card information on the checkout page, Kritec steals the information and sends it to a remote server controlled by the attackers.
According to Malwarebytes researchers, the threat actors behind the Kritec campaign have gone to great lengths to customize their skimmer for each victim site, using convincing templates that are even localized in several languages. This has made the skimming process seamless and practically undetectable for online shoppers. The infrastructure for this campaign is located on the IT WEB LTD network, registered in the British Virgin Islands.
The Kritec skimming campaign experienced a surge in activity in October, following a period of reduced activity during the summer. The threat actors behind this campaign have adapted their tactics to target the holiday shopping season, hoping to capitalize on the increased volume of online transactions during this time.
As consumers gear up for the holiday shopping rush, it is essential to remain vigilant and take precautions to protect personal and financial information. Malwarebytes advises individuals to be wary of entering credit card details on unfamiliar or compromised websites, as well as to regularly monitor their bank and credit card statements for any unauthorized transactions. Additionally, organizations that operate e-commerce platforms should ensure that their websites are regularly scanned for potential security vulnerabilities and that appropriate measures are in place to detect and mitigate any malicious activity.
With the rise of credit card skimming and other forms of cyber threats, it is crucial for both consumers and businesses to stay informed and proactive in safeguarding against potential security risks. By remaining vigilant and staying informed about the latest threats, individuals and organizations can reduce the likelihood of falling victim to cybercriminals and protect their sensitive information from unauthorized access and exploitation.