"Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms"

Researchers at Jscrambler have detailed a new digital skimmer campaign that hides "Mongolian Skimmer" using Unicode obfuscation methods. According to the researchers, the script's obfuscation seemed odd due to all the accented characters. The code's heavy use of Unicode characters, many of which are invisible, makes it difficult for humans to read. At its core, the script utilizes JavaScript's capability to use any Unicode character in identifiers in order to hide malicious functionality. The malware steals sensitive data entered on e-commerce checkout or admin pages. The stolen data is then exfiltrated to an attacker-controlled server. This article continues to discuss findings regarding the Mongolian Skimmer campaign.

THN reports "Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms"

Submitted by grigby1

Submitted by Gregory Rigby on