Cybercriminals often come out with a plethora of new deception methods to launch savage attacks while flying under the radar. The latest find-out by cybersecurity solution provider Malwarebytes has found out a new deception technique used with a credit card skimming operation.
Through the method, the con artists designed a fully-fledged icon site with a plan to hack the websites and steal credit card related information.
The US-based cybersecurity company has found that the con-artists developed a new icon hosting website as their deceiving trick. However, the site MyIcons.net doesn't have any malicious code into it. While analysing, the researchers found many hacked e-commerce sites downloading their favicon or the icon shown on the browser tab from this site.
Trick under the favicon
The analysts scanned all the FabIcons on each page of the hacked websites. They didn't found anything suspicious except instances of the web skimming code which was getting loaded on the compromised sites. While analysing each page from these sites, the Malwarebytes researchers found that the icon hosting website was loading a legitimate icon for each page except one.
Malwarebytes researchers found that the MyIcons.net site was registered day back and stole all the content from a legitimate website hosted at iconarchive.com. The spoofed version of iconarchive.com looks so authentic that even the website admins got confused while inspecting the code. The reference to the icon hosting website for downloading the favicon seemed quite genuine to them.
Besides ripping the financial data, the web skimmer (or credit card skimmer) steals victims personal information too including their name, address, phone number and email address.