Threat hunters have identified an advanced web skimming campaign targeting several merchants through a deprecated Stripe API. This method allows attackers to verify stolen card data before exfiltration, raising concerns about detection. As of now, 49 merchants have potentially been compromised, with 15 already taking measures to eliminate the harmful scripts. The attack has been in progress since August 20, 2024, utilizing JavaScript to intercept payment forms and replace the legitimate payment interface with a replica, thereby deceiving users and collecting sensitive information.
Threat hunters have warned of a sophisticated web skimmer campaign leveraging a legacy API from Stripe to validate stolen payment information.
As many as 49 merchants have been affected, with 15 taking action to remove malicious script injections to date.
Collection
[
|
...
]