Card-Skimming Scripts Hide Behind Google Analytics, Angular

[maruf.swe]

The campaign is marked by a significant level of customization, with an “individualized yet very consistent approach to every compromise.

A host of credit card-stealing scripts have popped up on the web, injected into websites and purporting to be legitimate Google Analytics or Angular utilities in order to avoid webmaster notice.

According to research from Sucuri, the malicious code is obfuscated and injected into legitimate JS files, mainly on Magento-built sites. A JS file is a text file containing JavaScript code that is used to execute JavaScript instructions in web pages.

For More Details : https://threatpost.com/card-skimming-google-analytics-angular/142264/