This scheme would not be complete without yet another interesting variation to exfiltrate stolen credit card data.
The Malwarebytes team detected the malicious code from an online store running the WooCommerce plugin for WordPress.
WooCommerce is increasingly being targeted by cybercriminals, as it has a large market share.
The attack is a variation that uses favicons, but with a twist.
Malicious code was tracked back to a malicious domain, cddn[.
]site, that is loaded via a favicon file.
source: www.techworm.net
