Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign

Summary: Threat hunters have identified an advanced web skimmer campaign exploiting a deprecated Stripe API to validate stolen payment information. This campaign, affecting an estimated 49 merchants, is designed to exfiltrate only valid card data, making it harder to detect. The attackers leverage vulnerabilities in popular e-commerce platforms to inject their malicious scripts, which also target additional payment options like cryptocurrencies.

Affected: Stripe, WooCommerce, WordPress, PrestaShop

Key points:

  • A sophisticated web skimmer campaign uses a legacy Stripe API for validating stolen payment information.
  • The campaign has impacted approximately 49 merchants and has been ongoing since August 2024.
  • Malicious scripts mimic legitimate payment forms and are tailored for different sites, reducing detection chances.
  • Additional payment methods, including cryptocurrencies, are targeted alongside traditional payment options.

Source: https://thehackernews.com/2025/04/legacy-stripe-api-exploited-to-validate.html