Skimmers in Images & GitHub Repos

Skimmers in Images & GitHub Repos

MalwareBytes recently shared some information about web skimmers that store malicious code inside real .ico files.

During a routine investigation, we detected a similar issue. Instead of targeting .ico files, however, attackers chose to inject content into real .png files — both on compromised sites and in booby trapped Magento repos on GitHub.

Googletagmanager.png

Our security analyst Keith Petkus found this piece of malware injected on a compromised Magento 2.x site.

Continue reading Skimmers in Images & GitHub Repos at Sucuri Blog.

Via Sucuri.net

Tags: ,