A joint law enforcement operation led by Europol and the ENISA, along with private security firms, identified 443 online shops compromised with digital skimming.
Europol, ENISA, and private security firms Group-IB and Sansec collaborated in a joint law enforcement operation, uncovering 443 online shops affected by digital skimming. The operation is part of EMPACT priority, a law enforcement activity targeting the criminals behind online fraud schemes.
The term digital skimming refers to the criminal practice of harvesting payment information of visitors of a website during checkout. Crooks use to exploit vulnerabilities in e-commerce platforms and CMSs to inject the skimming script into the page of the e-store. In some cases, attackers can exploit vulnerabilities in installed third-party plugins and themes to inject malicious scripts.
Europol, with the support of national Computer Security Incident Response Teams (CSIRT), notified the compromised online merchants and their customers.
“Europol is participating in the digital skimming action with the aim of informing affected e-commerce platforms and other online merchants that they have been unintentional points of compromise for such stolen payment data.” reads the press release published by Europol. “Europol, national law enforcement authorities, national Computer Security Incident Response Teams and trusted private industry partners identify affected online merchants and provide technical support to these platforms to resolve the issues and protect future customers.”
Europol, along with national law enforcement, Computer Security Incident Response Teams (CSIRTs), and private industry partners, also offer technical support to resolve issues and secure impacted websites.
The operation allowed the identification of 23 families of JS-sniffers, including ATMZOW, health_check, FirstKiss, FakeGA, AngryBeaver, Inter, and R3nin.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, digital skimming)