**⇄ Σ = Mᄃ² ⇆** @[email protected] · 2024-04-12T19:40:27Z

⇄ Σ = Mᄃ² ⇆ @[email protected]

Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to evade detection.

#CoSoSec #Meta

Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom CSS and JS or the "Miscellaneous Scripts" section of the Magento admin panel.

Credit card skimmer hidden in fake Facebook pixel tracker report:

https://blog.sucuri.net/2024/04/credit-card-skimmer-hidden-in-fake-facebook-pixel-tracker.html

Apr 12, 2024, 19:40 · 2· 1· 2

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Apr 12, 2024, 19:40

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Apr 12, 2024, 19:40

Apr 12, 2024, 19:40

⇄ Σ = Mᄃ² ⇆ @[email protected]

"Custom script editors are popular with bad actors because they allow for external third party (and malicious) JavaScript and can easily pretend to be benign by leveraging naming conventions that match popular scripts like Google Analytics or libraries like JQuery," security researcher Matt Morrow said.

**./katerina_ ⚧️** @[email protected] · Apr 12, 2024, 19:40

**./katerina_ ⚧️** @[email protected] · Apr 12, 2024, 19:40

Apr 12, 2024, 19:40

./katerina_ ⚧️ @[email protected]

@ecksmc

oh fun!

Resources

Developers

What is CounterSocial?

counter.social

More…