all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

X-Cart Skimmer with DOM-based Obfuscation

Add to bookmarks
May 17, 2022, 6:01 p.m. | Denis Sinegubko

Security Boulevard securityboulevard.com


Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located server-side, the other client-side.


X-Cart’s e-commerce platform is not nearly as popular as Magento or WooCommerce and as a result we don’t see as many threat actors targeting it. While we do still regularly find skimmers on X-Cart sites, they are usually more customized and don’t look like typical Magecart malware.


Continue reading X-Cart Skimmer …

black hat tactics dom ecommerce security hacked websites malware obfuscation security education skimmer website malware infections website security

Visit resource

More from securityboulevard.com / Security Boulevard

ITDR vs ISPM: Which Identity-first Product Should You Explore? 2 hours ago | securityboulevard.com
axiad cybersecurity emerging fresh takes +7
“You Can’t Protect What You Can’t See” Still Rings True. Why Observability Now. 6 hours ago | securityboulevard.com
awareness blog can effectively +12
What is Penetration Testing: A comprehensive business guide 9 hours ago | securityboulevard.com
benefits business critical cyber security +18
Best Practices to Strengthen VPN Security 9 hours ago | securityboulevard.com
authentication best practices covid data +26
Cradlepoint Adds SASE Platform for 5G Wireless Networks 9 hours ago | securityboulevard.com
5g access cloud cloud service +28
BTS #28 – 5G Hackathons – Casey Ellis 10 hours ago | securityboulevard.com
casey ellis eclypsium enterprise hackathons +6
CCPA Compliance with Accutive Data Discovery and Masking: Understanding and protecting your sensitive data 10 hours ago | securityboulevard.com
act adm platform articles businesses +30
USENIX Security ’23 – Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the … 13 hours ago | securityboulevard.com
access analysis authors binance +21
USENIX Security ’23 – Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the … 13 hours ago | securityboulevard.com
access analysis authors binance +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Systems Security Officer (ISSO) (Remote within HR Virginia area)

@ OneZero Solutions | Portsmouth, VA, USA
View on infosec-jobs.com

Security Analyst

@ UNDP | Tripoli (LBY), Libya
View on infosec-jobs.com

Senior Incident Response Consultant

@ Google | United Kingdom
View on infosec-jobs.com

Product Manager II, Threat Intelligence, Google Cloud

@ Google | Austin, TX, USA; Reston, VA, USA
View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India
View on infosec-jobs.com
View more jobs