Home Malware Programs Malware MakeFrame

MakeFrame

Posted: April 7, 2020

MakeFrame is a new digital skimmer that has already been found on at least 19 hosts – however, it is very likely that the campaign is much larger and that there are dozens of unidentified skimmers. But what is a digital skimmer? Simply put, it is a piece of code that ill-minded actors will add to the checkout page of a legitimate online store whose security has been compromised. By doing so, they do not create any obvious problems and, instead, they may extract the payment information of customers who were unlucky enough to buy something off of the store that had the skimmer planted in its files silently. Such attacks often may go unnoticed for months, and this can make threats like the MakeFrame skimmer very profitable.

Cybersecurity experts noticed many similarities between the newly found MakeFrame and previous variants of the skimmers used by the Magecart hackers. They also identified separate versions of MakeFrame that appeared to have different features – some variants were running in debugging mode and were keeping detailed logs of their activity, while others were as covert as possible. While some of the MakeFrame skimmers were planted using plain JavaScript code, the researchers also spotted several skimming scripts that were obfuscated heavily.

The Activity of Online Skimmers has been Increasing

The MakeFrame skimmer targets a wide range of online payment processors and credit cards, and it can use several techniques to exfiltrate data. Instead of sending the collected payment information to the control server of the attackers, MakeFrame may use an alternative and collectthier approach. The collected data is sent to another compromised Web server and stored there until the attackers download it manually. This makes it very difficult to keep track of MakeFrame's Command and Control server infrastructure, and it reduces the odds of identifying the attackers greatly.

Unfortunately, it seems that the COVID-19 pandemic also is being exploited by cybercrime gangs that specialize in online skimming attacks – cybersecurity experts say that the number of such attacks has increased in the past month expressively.

Loading...