This is how social networking sites steal you without realizing it, as cybercriminals have created a new type of malware on the web that hides inside the images used for the buttons of social networking sites, with the aim of theft Credit card information entered on payment forms in online stores.
The malware - known as a web skimmer, or Magecart script - was spotted in online stores between June and September. It was first spotted by the Dutch information security company Sanguine Security.
While this particular form of malware has not been widely publicized, its discovery indicates that Magecart gangs are constantly developing their own malicious gimmicks.
Hide your privacy
On a technical level, the detected malware uses a technique known as steganography. This technique refers to hiding information in another format, for example, hiding text inside images.
In the world of malware attacks, steganography is often used as a way to hide malicious code from antivirus programs, by placing malicious code inside files that appear to be virus-free.
Over the past years, the most common form of steganography attack has been to hide malicious payloads inside image files, which are usually stored in PNG or JPG formats.
And in the world of malicious software called Magecart scripts, steganography works because most of them are usually hidden in JavaScript code, not inside image files.
However, the technology has slowly seen some use among Magecart scripts, after previous steganography attacks used website logos, product images, or favicons to hide malware payloads.
How to protect your accounts from theft?
For those who want to protect themselves from this type of malware, users have very few options, as this type of code is usually invisible to them and very difficult to detect, even for professionals.
It is believed that the simplest way shoppers can protect themselves from magecart scripts is to use virtual cards designed for one-time payments.
Some banks or payment apps now provide these cards, which is the best way to deal with this malware on the Internet, since even if attackers manage to record transaction details, credit card data is useless because it is created for one-time use.
العربية
Afrikaans
Shqip
አማርኛ
العربية
Հայերեն
Azərbaycan dili
Euskara
Беларуская мова
বাংলা
Bosanski
Български
Català
Cebuano
Chichewa
简体中文
繁體中文
Corsu
Hrvatski
Čeština
Dansk
Nederlands
English
Esperanto
Eesti
Filipino
Suomi
Français
Frysk
Galego
ქართული
Deutsch
Ελληνικά
ગુજરાતી
Kreyol ayisyen
Harshen Hausa
Ōlelo Hawaiʻi
עִבְרִית
हिन्दी
Hmong
Magyar
Íslenska
Igbo
Bahasa Indonesia
Gaeilge
Italiano
日本語
Basa Jawa
ಕನ್ನಡ
Қазақ тілі
ភាសាខ្មែរ
한국어
كوردی
Кыргызча
ພາສາລາວ
Latin
Latviešu valoda
Lietuvių kalba
Lëtzebuergesch
Македонски јазик
Malagasy
Bahasa Melayu
മലയാളം
Maltese
Te Reo Māori
मराठी
Монгол
ဗမာစာ
नेपाली
Norsk bokmål
پښتو
فارسی
Polski
Português
ਪੰਜਾਬੀ
Română
Русский
Samoan
Gàidhlig
Српски језик
Sesotho
Shona
سنڌي
සිංහල
Slovenčina
Slovenščina
Afsoomaali
Español
Basa Sunda
Kiswahili
Svenska
Тоҷикӣ
தமிழ்
తెలుగు
ไทย
Türkçe
Українська
اردو
O‘zbekcha
Tiếng Việt
Cymraeg
isiXhosa
יידיש
Yorùbá
Zulu