1 min read

Pipka JavaScript Skimmer Deletes Itself After Execution

Silviu STAHIE

November 15, 2019

Pipka JavaScript Skimmer Deletes Itself After Execution

Visa has identified a new type of JavaScript skimmer in the wild that can erase itself from HTML code after execution.

The malware, named Pipka, was found running on several eCommerce websites in the United States. While the basic working principle behind this JavaScript skimmer is not new, its ability to delete itself after execution caught the attention of security professionals.

Pipka was actually running on a website already infected with another skimmer, named Inter. Pipka lets attackers see what form fields are parsed and extracted, and that includes incredibly important data such as payment account number, expiration date, CVV, and cardholder name and address.

“The most interesting and unique aspect of Pipka is its ability to remove itself from the HTML code after it is successfully executed. This enables Pipka to avoid detection, as it is not present within the HTML code after initial execution,” says Visa. “This is a feature that has not been previously seen in the wild, and marks a significant development in JavaScript skimming.”

Moreover, Pipka is not a proof of concept. It was already running in the wild when the researchers from Visa Payment Fraud Disruption”s (PFD) eCommerce Threat Disruption (eTD) program found it. Which only means that it might be more widespread.

Users have few choices when it comes to JavaScript skimmers, as the process is invisible to them. However, they can safeguard against such problems by installing security software, using multi-factor authentication, enabling alerts for credit cards, and sticking only to known websites that employ 3-D Secure (Visa only.)

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Romance scammers arrested in Texas for defrauding elderly lonely hearts Romance scammers arrested in Texas for defrauding elderly lonely hearts
Graham CLULEY

September 28, 2021

3 min read
iCloud Private Relay Vulnerability Exposes User IP Addresses, Researchers Find iCloud Private Relay Vulnerability Exposes User IP Addresses, Researchers Find
Silviu STAHIE

September 27, 2021

1 min read
Bitcoin.org Compromised; Attackers Posted “Double Your Money” Announcement Bitcoin.org Compromised; Attackers Posted “Double Your Money” Announcement
Silviu STAHIE

September 27, 2021

1 min read