WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, effectively bypassing security controls.
“Instead of the usual HTTP requests or image beacons, this malware uses WebRTC data channels to load its payload and exfiltrate stolen payment data,” Sansec said in a report published this week.
The attack,

Source

What's Hot

New Phishing Platform Used in Credential Theft Campaigns

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

GitHub Used as Covert Channel in Multi-Stage Malware Campaign

New Phishing Platform Used in Credential Theft Campaigns

GitHub Used as Covert Channel in Multi-Stage Malware Campaign

GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Our Picks

Beware of threats lurking in booby-trapped PDF files

How chatbots can help spread scams

How to tell if a voice call is AI or not

Subscribe to Updates

What's Hot

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

Related Posts

Subscribe to Updates