Summary: A new report from Group-IB reveals an alarming rise in browser fingerprint theft, where cybercriminals utilize advanced techniques to steal unique digital identifiers, enabling them to impersonate users and commit fraud. The report highlights a significant campaign linked to the threat actor ScreamedJungle that compromised over 115 e-commerce sites to harvest these fingerprints. With the invisibility of this method, users remain unaware of their stolen data being used for malicious purposes.
Affected: E-commerce websites, financial institutions, online services
Keypoints :
- Cybercriminals exploit browser fingerprinting to bypass security measures and commit fraud.
- The ScreamedJungle group injected malicious JavaScript into compromised e-commerce sites to steal browser fingerprints.
- Stolen fingerprints enable account takeovers, fraudulent transactions, and credential stuffing attacks.
Source: https://securityonline.info/screamedjungle-campaign-steals-browser-fingerprints-from-115-sites/