CSS-JS Steganography in Fake Flash Player Update Malware

CSS-JS Steganography in Fake Flash Player Update Malware

CSS-JS Steganography in Fake Flash Player Update Malware

This summer, MalwareBytes researcher Jérôme Segura wrote an article about how criminals use image files (.ico) to hide JavaScript credit card stealers on compromised e-commerce sites.

In a tweet, Affable Kraut also reported another similar obfuscation technique using .ico files to conceal JavaScript skimmers.

Just something I’ve noticed more recently with digital skimmers/#magecart. Obfuscated code that has a weird google-analytics[.]com URL in it, which is the proper Google controlled domain.

Continue reading CSS-JS Steganography in Fake Flash Player Update Malware at Sucuri Blog.

Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on pinterest
Pinterest

Leave a Comment