Posted: April 7, 2020

MakeFrame Description

MakeFrame is a new digital skimmer that has already been found on at least 19 hosts – however, it is very likely that the campaign is much larger and that there are dozens of unidentified skimmers. But what is a digital skimmer? Simply put, it is a piece of code that ill-minded actors will add to the checkout page of a legitimate online store whose security has been compromised. By doing so, they do not create any obvious problems and, instead, they may extract the payment information of customers who were unlucky enough to buy something off of the store that had the skimmer planted in its files silently. Such attacks often may go unnoticed for months, and this can make threats like the MakeFrame skimmer very profitable.

Cybersecurity experts noticed many similarities between the newly found MakeFrame and previous variants of the skimmers used by the Magecart hackers. They also identified separate versions of MakeFrame that appeared to have different features – some variants were running in debugging mode and were keeping detailed logs of their activity, while others were as covert as possible. While some of the MakeFrame skimmers were planted using plain JavaScript code, the researchers also spotted several skimming scripts that were obfuscated heavily.

The Activity of Online Skimmers has been Increasing

The MakeFrame skimmer targets a wide range of online payment processors and credit cards, and it can use several techniques to exfiltrate data. Instead of sending the collected payment information to the control server of the attackers, MakeFrame may use an alternative and collectthier approach. The collected data is sent to another compromised Web server and stored there until the attackers download it manually. This makes it very difficult to keep track of MakeFrame's Command and Control server infrastructure, and it reduces the odds of identifying the attackers greatly.

Unfortunately, it seems that the COVID-19 pandemic also is being exploited by cybercrime gangs that specialize in online skimming attacks – cybersecurity experts say that the number of such attacks has increased in the past month expressively.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to MakeFrame may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.