Over the last several weeks we’ve observed an interesting new variation of “gtag” credit card skimming attack with a surprisingly high number of detections so far. As of the time of writing this article we have seen nearly 80 detections altogether in the first two weeks alone.

Our research team and analysts have found this aptly dubbed “Caesar Cipher Skimmer” infection on multiple CMS platforms including WordPress, Magento and OpenCart.

Continue reading Decoding the Caesar Cipher Skimmer at Sucuri Blog.

Via Sucuri.net