A novel Magecart campaign that weaponizes legitimate cloud services to evade detection: attackers are storing a JavaScript skimmer inside Stripe customer metadata and delivering it to victim checkouts via Google Tag Manager. The combination makes Stripe both the command server for arbitrary code and the durable exfiltration sink for stolen card data, using domains (googletagmanager.com […] The post New Magecart Attack Abuses Stripe as Malware C2 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/magecart-abuses-stripe-c2/
