Over the years, Internet criminals have used a multitude of methods and systems to steal our most personal data. At this time you should be alert as this is what they are now doing to steal your bank card details.
Users who usually use everything related to electronic commerce are gradually gaining experience so as not to fall into scams or traps. But at the same time, hackers invent new methods or renew old ones to obtain our banking details, among others. This is precisely the case that concerns us in these lines with a new bank card theft campaign that has been detected.
Specifically, it focuses on the hijacking of 404 error pages from the websites corresponding to online stores. After that, what they do is hide malicious code on these websites and their main objective is to steal customers’ credit card information, as expected. In reality, the attackers use a total of three variants that have been discovered by security researchers from the Akamai group.
It is worth mentioning that the other two techniques used are responsible for hiding the code in the attribute called Onerror of the HTML image tag. To all this they add a binary image file to make it appear as part of the code of the website itself.
How hackers manage to trick you
As with many of the scams that we can find online, when we see them from the outside we think that we cannot fall into the trap. However, we must keep in mind that the attackers are professionals and their main objective is precisely that, to make us fall for the deception. Well, regarding the case that we mention now, we must take into consideration that most, if not all, websites have 404 error pages.
These error pages are displayed when visitors access a website that does not exist. It may have been moved by administrators or simply has a dead link. That is precisely where attackers come into play who take advantage of the 404 Not Found page to hide and load the malicious code that will be responsible for card theft. This is something that has not been seen in previous malicious campaigns.
In fact, security experts who have discovered it consider this to be a very innovative and ingenious concealment technique. They claim that they had not encountered an attack of this nature in the past. And the idea of ​​​​manipulating the 404 error page of a target website can offer attackers several options to improve concealment and therefore the scam.
The corresponding loader of the malicious code is hidden within random online scripts already present on the shopping website itself. This means that most security tools that monitor for suspicious network requests on the payment page would miss this threat. That is precisely where one of the main risks of this campaign lies, which is responsible for stealing our bank details from the cards. In short, if when purchasing on a website we encounter an error of this type, we must be attentive.
