Cyber Actors Scrape Credit Card Data
Other | 05/16/2022As of January 2022, unidentified cyber actors unlawfully scraped credit card data from a US business by injecting malicious PHP Hypertext Preprocessor (PHP) code into the business' online checkout page and sending the scraped data to an actor-controlled server that spoofed a legitimate card processing server. The unidentified cyber actors also established backdoor access to the victim's system by modifying two files within the checkout page. The FBI has identified and is sharing new indicators of compromise (IOCs), which may assist in network defense.
To read more, please log in

This site is operated by NetDiligence®. Links found within this site may open a new browser window and take you outside the eRiskHub to another website, the contents of which are maintained by third parties over whom NetDiligence has no control. We provide links to these external sites for your convenience and awareness. We accept no responsibility for the content of linked sites. Upon request of the content source, we will remove links.
© =date('Y');?> NetDiligence®, A Company of Network Standard Corporation