Summary: A web skimmer compromised the Casio UK website and 16 others. Rather than infecting the checkout page, as skimmers typically do, it harvested customer information through an altered, deceptive payment process. The skimmer was active between January 14 and January 24. Poor content security policies allowed the threat actors to carry out the attack without immediate detection.
Affected: Casio UK and 16 other organizations
Key points:
- The compromised website redirected users through a fake payment process that collected sensitive information.
- The skimmer monitored clicks on the checkout button rather than infecting the checkout page directly.
- All infections loaded the skimmer from a common Russian hosting provider, indicating a coordinated attack.
Source: https://www.securityweek.com/casio-website-infected-with-skimmer/
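A defender can test whether a site's response headers would have stopped a script loaded from an unlisted third-party host, which is the gap the summary attributes to poor content security policies. The Python sketch below is an added example, not code from the report or from Casio. It goes beyond the page's wording by covering the report-only header and the `default-src` fallback. All hostnames are constructed placeholders, and nonces, hashes, ports and paths are not modelled.

```python
from urllib.parse import urlsplit

def parse_csp(value):
    """Parse a CSP header value into {directive: [sources]}; the first copy of a directive wins."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens and tokens[0].lower() not in policy:
            policy[tokens[0].lower()] = tokens[1:]
    return policy

def source_matches(source, url, self_origin):
    """Match one scheme/host source expression against a script URL."""
    u, src = urlsplit(url), source.lower()
    if src == "*":                      # bare wildcard allows any http(s) host
        return u.scheme in ("http", "https")
    if src == "'self'":                 # same scheme and host as the page
        s = urlsplit(self_origin)
        return (u.scheme, u.netloc) == (s.scheme, s.netloc)
    if src.startswith("'"):             # 'none', 'unsafe-inline', nonces, hashes
        return False
    if src.endswith(":"):               # scheme source such as https:
        return u.scheme == src[:-1]
    scheme, _, host = src.rpartition("://")
    if scheme and scheme != u.scheme:
        return False
    host = host.split("/")[0]
    if host.startswith("*."):           # *.example matches subdomains only
        return (u.hostname or "").endswith(host[1:])
    return u.hostname == host

def script_verdict(headers, script_url, self_origin):
    """Return 'blocked' or 'allowed: <reason>' for loading script_url under these headers."""
    headers = {k.lower(): v for k, v in headers.items()}
    enforced = headers.get("content-security-policy")
    if enforced is None:
        if "content-security-policy-report-only" in headers:
            return "allowed: report-only policy logs but does not block"
        return "allowed: no policy"
    policy = parse_csp(enforced)
    sources = policy.get("script-src-elem", policy.get("script-src", policy.get("default-src")))
    if sources is None:
        return "allowed: no script-src or default-src"
    if any(source_matches(s, script_url, self_origin) for s in sources):
        return "allowed: matches a script source"
    return "blocked"

# Constructed sample values (placeholders, not taken from the incident)
SHOP, THIRD_PARTY = "https://shop.example", "https://static.unlisted-host.example/app.js"
```

Calling `script_verdict` with the headers captured from a live storefront and a script URL that is not on the site's allowlist shows whether the browser would refuse the load or merely report it.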