"Hackers Hide Credit Card Stealing Script in Favicon Metadata"
Malwarebytes recently reported malicious code insertion inside the Exchangeable Image File Format (EXIF) data of a favicon by hackers. A favicon is a small image used by web browsers to show a graphical representation of a website. Hackers are hiding scripts in favicon images' EXIF data to evade detection and steal credit card information. This attack is considered a variant of a Magecart attack. Such attacks have been performed against Macy's, British Airways, Tupperware, and other widely popular companies. According to Malwarebytes, credit cards stolen through the execution of Magecart attacks are being sold or used to make fraudulent purchases on the dark web market. This article continues to discuss the use of favicon metadata to hide credit card-stealing scripts and other techniques applied by Magecart hackers to circumvent detection.
Bleeping Computer reports "Hackers Hide Credit Card Stealing Script in Favicon Metadata"