Hackers abused Stripe and Google Tag Manager to launch a credit card theft campaign and host stolen payment details

  • Attackers abuse Stripe API via Google Tag Manager
  • Malware skims checkout data from compromised Magento sites
  • Stolen card details exfiltrated through api.stripe.com

Cybercriminals have turned Stripe into a malware hosting platform in a new attack that steals payment information from online shoppers. This is according to cybersecurity researchers at Sansec, who discovered the campaign earlier this week.

Sansec says that the attackers managed to compromise certain Magento/Adobe Commerce store websites and add a malicious Google Tag Manager (GTM) container to them.

When a shopper visits a compromised website, the browser loads the GTM container from Google’s servers, and when the shopper reaches checkout, the GTM code makes a request to Stripe’s API.
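
A defender's check for the tampering described above, as an added example that is not from Sansec or the original article: it lists the GTM container IDs referenced in a page's HTML and flags any that are not on the store's approved list, since the host serving them is Google's own. The container IDs, the sample HTML and the assumed ID shape are constructed for illustration.

```python
import re

# Assumption: container IDs have the public "GTM-" + uppercase alphanumerics shape.
GTM_ID = re.compile(r"\bGTM-[A-Z0-9]{4,12}\b")
# Loader URL forms used by the standard GTM snippet: gtm.js script, ns.html noscript iframe.
GTM_URL = re.compile(r"googletagmanager\.com/(gtm\.js|ns\.html)\?id=(GTM-[A-Z0-9]{4,12})")


def find_gtm_containers(html):
    """Map each container ID found in the HTML to the ways it is referenced."""
    found = {}
    for kind, cid in GTM_URL.findall(html):
        found.setdefault(cid, set()).add(kind)
    # Also catch IDs passed as a string argument to an inline loader.
    for cid in GTM_ID.findall(html):
        found.setdefault(cid, set()).add("literal")
    return found


def audit(html, approved):
    """Return container IDs present in the page but absent from the approved set."""
    return sorted(cid for cid in find_gtm_containers(html) if cid not in approved)


# Constructed sample: one approved container plus one nobody on the team created.
SAMPLE_HTML = """
<head>
<script>(function(w,d,s,l,i){/* standard loader body elided */})
(window,document,'script','dataLayer','GTM-EXAMPLE1');</script>
<script async src="https://www.googletagmanager.com/gtm.js?id=GTM-EXAMPLE2"></script>
</head>
<body>
<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-EXAMPLE1"></iframe></noscript>
</body>
"""
APPROVED = {"GTM-EXAMPLE1"}  # constructed allowlist kept by the store owner

if __name__ == "__main__":
    containers = find_gtm_containers(SAMPLE_HTML)
    for cid in audit(SAMPLE_HTML, APPROVED):
        print(f"unapproved GTM container {cid} referenced via {sorted(containers[cid])}")
```

The check only sees IDs that appear literally in the HTML it is given, so run it against the rendered checkout page as well as the stored templates.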

Stealing the information

GTM is a free tool that lets website owners manage tracking, analytics, and other scripts on a website without directly modifying the site's code. Since GTM is a widely used tool, loading code from googletagmanager.com looks completely...

Copyright of this story solely belongs to techradar.com.