Credit card skimmers are a constant source of headaches for e-commerce websites, online merchants, financial institutions, and their customers alike. Skimming is a lucrative source of income for threat actors. One such credit card skimming service is gaining popularity among low-skilled threat actors.
Diving into details
Threat intel provider DomainTools discovered the new skimmer-as-a-service Caramel that is operated by CaramelCorp, a Russian cybercrime organization. The service is being sold only to Russian-speaking hackers and uses a vetting process to reject those who are inexperienced. The kit includes a skimmer script, a campaign management panel, and deployment instructions.
Benefits offered
- The lifetime subscription is being sold for $2,000 and offers anti-detection solutions, code upgrades, and complete customer care support to Russian-speaking hackers.
- The buyers are, furthermore, provided a quick start guide on JavaScript methods, specially tailored for content management systems. The guide focuses on less technically adept buyers.
- As the scripts are written in JavaScript, Caramel includes a variety of obfuscation techniques to evade detection.
- A campaign administration panel enables the malware operator to keep an eye on infected e-stores and manage gateways for stolen data reception.
Why this matters
Credit card skimming has a high success rate and requires less effort as compared to complicated attack vectors, leading to a rise in such activity. Following are the factors adding to the growth of this trend among cybercriminals.
- Ecommerce websites are often vulnerable, easy to detect all at once, and lack dedicated security teams.
- JavaScript injection is relatively easy to perform, along with the use of other tools and services offered by cybercriminal forums.
- Abusing and dumping stolen data is easier and cheaper than other forms of fraud and can build the foundation for targeted attacks in the future.
- Skimming attacks can adapt to counter defenses with anti-analysis and sophisticated obfuscation tactics.
The bottom line
Continual marketing and development have made Caramel a popular fixture in the underground market. While card skimming campaigns are nothing new, this skimmer-as-a-service boasts extensive features that remove the barrier to conducting large-scale campaigns. This indicates that skimming campaigns may witness a rise in the future and the way to stay safe is by implementing charging limits and preferring online payment systems instead of cards.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/0e88_shutterstock_1705346881.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/9775_shutterstock_469115618.jpg)
