Hackers hide Magecart script in favicon image's EXIF data to steal credit card details

clock • 2 min read

EXIF format enables people to store interchange information in digital photography image files using JPEG compression

Researchers at cyber security firm Malwarebytes have discovered a new Megecart campaign that used malicious scripts hidden in the EXIF data of a favicon image to steal payment card details of custo...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
BA, Boots and BBC among companies targeted in cyberattack

Hacking

Ransomware group Clop claims it is behind the mass hack

clock 06 June 2023 • 4 min read
'IT failure' causes more Heathrow flight delays for BA

Systems Management

British Airways was hit by another IT systems outage at Heathrow Airport on Wednesday, causing huge delays for passengers.

clock 31 March 2022 • 3 min read
British Airways says it has resolved IT issue that caused more than 150 flights to be cancelled

Services

The outage was not caused due to a cyber attack, BA said

clock 28 February 2022 • 3 min read
Most read
02
03

65 years of COBOL. Timeless, or time's up?

12 September 2024 • 6 min read
05

Avis notifies customers of data breach

10 September 2024 • 3 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Hacking

TfL revises statement on customer data theft after cyber-attack

TfL revises statement on customer data theft after cyber-attack

The incident continues to disrupt online services

clock 12 September 2024 • 2 min read
Avis notifies customers of data breach

Avis notifies customers of data breach

Personal Information of nearly 300,000 car rental customers exposed

clock 10 September 2024 • 3 min read
Transport for London restricts access to live travel data amid cyberattack

Transport for London restricts access to live travel data amid cyberattack

No update given since Friday

clock 08 September 2024 • 2 min read