JS (JavaScript) Sniffers are malicious scripts that cybercriminals install on e-commerce websites to collect sensitive information from users. These scripts can capture data such as credit card numbers, login credentials, and personal information directly from the web pages where users enter them.
Here is how the threat actor operated and how the properties of JS Sniffers could have been used to collect the information:
The threat actor posted an advertisement thread offering banking records of customers from various undisclosed banking organizations, with a particular focus on Indian banks. The threat actor claimed to possess a massive trove of 600,000 records, highlighting the significant scale of the data breach.
As proof of compromise, the threat actor attached 129 sample records, which include the name, payment card number, expiry date, CVV, transacted amount and email address in most of the cases. The threat actor stated that some of the actual records also contain the impacted users' browser fingerprint and user-agent details. As per the survey, both of these details are usually collected by JS Sniffers installed on e-commerce-enabled websites, indicating the threat actor's potential method for collecting the information.
JS Sniffers are often injected through vulnerabilities in third-party services or plugins used by e-commerce websites. This can include compromised content delivery networks, ads, or analytics scripts. The malicious JavaScript code is usually obfuscated to avoid detection by security tools and site administrators. This makes it harder to identify and remove the sniffer.
JS Sniffers are typically designed to capture data entered into forms on e-commerce websites, such as checkout pages. The script intercepts the information before it is securely transmitted to the server. Some sniffers may also function as keyloggers, capturing every keystroke made by the user on the website, which can include passwords, credit card numbers, and other sensitive data.
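The delivery and obfuscation traits described above suggest a simple review a site administrator can run against a checkout page's markup. The following is an added example, not code from the article: it lists script tags loaded from hosts outside an allowlist, allowlisted third-party scripts without a Subresource Integrity attribute, and inline scripts containing tokens common in packed code. The names `ALLOWED_HOSTS`, `SAMPLE_HTML` and `auditScripts`, the allowlist policy and the heuristic token list are assumptions made for illustration.

```javascript
// Added example: audit the <script> tags of a checkout page (run with Node.js).
// ALLOWED_HOSTS, SAMPLE_HTML and auditScripts are hypothetical names.
const ALLOWED_HOSTS = new Set(["cdn.shop.example"]);

// Constructed sample markup, not taken from any real site.
const SAMPLE_HTML = `
<script src="/js/cart.js"></script>
<script src="https://cdn.shop.example/lib.js" integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="https://cdn.shop.example/ui.js"></script>
<script src="https://stats.example.net/a.js"></script>
<script>var k = atob("cGxhY2Vob2xkZXI="); eval(k);</script>
`;

// Tokens that often appear in packed or encoded inline code (heuristic only,
// legitimate scripts can contain them too).
const OBFUSCATION_HINTS = /\b(eval|atob|unescape)\s*\(|String\.fromCharCode|\\x[0-9a-f]{2}/i;

function auditScripts(html, pageUrl) {
  const findings = [];
  const pageOrigin = new URL(pageUrl).origin;
  const tagRe = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  for (const [, attrs, body] of html.matchAll(tagRe)) {
    const src = /\bsrc\s*=\s*["']([^"']+)["']/i.exec(attrs);
    if (!src) {
      // Inline script: only the body can be inspected.
      if (OBFUSCATION_HINTS.test(body)) {
        findings.push({ kind: "inline-obfuscation-hint", detail: body.trim().slice(0, 40) });
      }
      continue;
    }
    const url = new URL(src[1], pageUrl); // resolves relative paths
    if (url.origin === pageOrigin) continue; // first-party file, reviewed elsewhere
    if (!ALLOWED_HOSTS.has(url.hostname)) {
      findings.push({ kind: "unlisted-host", detail: url.hostname });
    } else if (!/\bintegrity\s*=/i.test(attrs)) {
      // Allowlisted host, but the browser cannot detect a modified file.
      findings.push({ kind: "missing-sri", detail: url.href });
    }
  }
  return findings;
}

console.log(auditScripts(SAMPLE_HTML, "https://shop.example/checkout"));
```

Scripts added to the page at runtime do not appear in static markup, so a check like this covers only the tags the server sends.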
JS Sniffers represent a sophisticated method for cybercriminals to collect sensitive data from e-commerce websites. By understanding the properties of these sniffers and the methods used to deploy them, website administrators can take proactive steps to secure their platforms and protect their users from potential breaches.