Hackers hide Magecart script in favicon image's EXIF data to steal credit card details

EXIF format enables people to store interchange information in digital photography image files using JPEG compression

Hackers are hiding Magecart script in favicon image's EXIF data to steal credit card details

Dev Kundaliya
26 June 2020

Tweet
Facebook
LinkedIn
Send to

Researchers at cyber security firm Malwarebytes have discovered a new Megecart campaign that used malicious scripts hidden in the EXIF data of a favicon image to steal payment card details of customers....

To continue reading...

Upgrade

Computing helps IT leaders to make technology a revenue and innovation engine for their businesses. Our unique package of news and analysis enables you to discover what the smartest minds in the industry are doing and scan the horizon for what’s next

REAL-TIME NEWS AND ANALYSIS: find out what’s happening and why in the technology space including news on your competitors and regulators – delivered to your desktop or mobile in a daily newsletter
MARKET TRENDS: learn about the implications for you of the latest shifts in everything from AI to machine learning and blockchains – evaluated in a new monthly editor’s newsletter for CIOs
CIO INTERVIEWS: find out what fellow IT leaders are doing and why

REvil gang wants Apple to pay $50 million in ransom in exchange of leaked data

REvil gang wants Apple to pay $50m in ransom in exchange of leaked product design data

The group claims it exfiltrated Apple product data after breaching Taiwanese supplier Quanta Computer

Hacking
22 April 2021

Security researchers disrupt 'sophisticated' Pareto Android ad fraud botnet

Hackers infected Android devices with malware that mimicked millions of connected TV products to generate fake ad views

Hacking
22 April 2021

Fin7 sysadmin gets 10-year sentence in US hacking case

The notorious cyber gang has targeted thousands of businesses including restaurants, retailers and gambling firms since emerging in 2014

Hacking
20 April 2021

University of Hertfordshire cancels live online teaching following cyber attack

Hertfordshire the latest in a series of cyber attacks on educational institutions in the UK over the past few months

Hacking
16 April 2021

Clubhouse denies report of data leak for 1.3 million users

Clubhouse denies report of data leak affecting 1.3 million users

Social media company says that the data referred to is all public profile information that can be accessed via their app or API

Hacking
12 April 2021

Mitigating Ransomware Attacks

Desklix: Digital Workplace

Going cloud native: Why the cloud should be your database default

AI & Machine Learning Awards 2021

Endpoint Management and Security Hub