
Guess who is on Telegram now? Magecart…


Criminal hackers related to the Magecart collective are now using Telegram as a channel for sending stolen credit-card information back to their command-and-control (C2) servers.

The e-commerce card-skimming trojan has been caught using the popular messaging app to exfiltrate data, with the benefit that the exfiltration blends in with normal traffic, making it harder to detect.

Recent campaigns have shown data like name, address, credit-card number, expiry and CVV being relayed via an instant message sent to a private Telegram channel.
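For defenders auditing the scripts a checkout page loads, the following added example (not code from this article or from Malwarebytes) flags references to the Telegram Bot API endpoint, `https://api.telegram.org/bot<token>/<method>`, in script source. The Base64 check assumes a skimmer may encode the endpoint, which the article does not state; the file names, placeholder token and sample scripts are constructed.

```javascript
// Defender-side scan of script source for Telegram Bot API references.
// Endpoint shape: https://api.telegram.org/bot<token>/<method>
const TELEGRAM_RE = /api\.telegram\.org(?:\/bot[^\/\s"'`]*\/(\w+))?/i;
// Quoted literals long enough to hold an encoded URL (length is an assumed heuristic).
const B64_LITERAL_RE = /["'`]([A-Za-z0-9+\/]{24,}={0,2})["'`]/g;

function findTelegramRefs(source) {
  const findings = [];
  // 1. Endpoint written in the clear.
  const plain = TELEGRAM_RE.exec(source);
  if (plain) findings.push({ kind: "plaintext", method: plain[1] || null });
  // 2. Endpoint hidden inside a Base64 string literal (assumed obfuscation).
  for (const m of source.matchAll(B64_LITERAL_RE)) {
    const decoded = Buffer.from(m[1], "base64").toString("latin1");
    const hit = TELEGRAM_RE.exec(decoded);
    if (hit) findings.push({ kind: "base64", method: hit[1] || null });
  }
  return findings;
}

// Scan a map of { fileName: sourceText } and keep only files with findings.
function scanAll(scripts) {
  const report = {};
  for (const [name, src] of Object.entries(scripts)) {
    const found = findTelegramRefs(src);
    if (found.length) report[name] = found;
  }
  return report;
}

// Constructed sample inputs; PLACEHOLDER_TOKEN is not a real bot token.
const ENCODED = Buffer.from(
  "https://api.telegram.org/botPLACEHOLDER_TOKEN/sendMessage"
).toString("base64");
const SAMPLES = {
  "checkout-analytics.js": `var u = atob("${ENCODED}");`,
  "cart-widget.js": `fetch("/api/cart/total").then(r => r.json());`,
  "support-chat.js": `const api = "https://api.telegram.org/botPLACEHOLDER_TOKEN/getUpdates";`,
};

console.log(JSON.stringify(scanAll(SAMPLES), null, 2));
```

A hit is a lead for review rather than proof of compromise, since a store may use a Telegram integration legitimately; on a checkout page with no such integration, any hit warrants investigation.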

As Jérôme Segura at Malwarebytes said: “Telegram is a popular and legitimate instant messaging service that provides end-to-end encryption, [and] a number of cybercriminals abuse it for their daily communications but also for automated tasks found in malware”.

Attackers have used Telegram to exfiltrate data before, though the mechanism remains a rarity. Last September, a freshly discovered commercial spyware dubbed the “Masad Clipper and Stealer” was found using Telegram bots as its C2 mechanism. Masad harvests information from Windows and Android users and also comes with a full cadre of other malicious capabilities, including the ability to steal cryptocurrency from victims’ wallets.

This news comes after a number of different researchers reported a marked uptick in the number of shopping and e-commerce sites being attacked by groups just like Magecart. Their preferred method? Either vulnerability exploitation or simply credentials stolen from the admins.

Then it's business as usual for the attackers, who proceed to inject a web skimmer that exfiltrates the personal and banking information customers enter during the online checkout process.

Seems like there’s no rest for the wicked…
