Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Hackers Use Unicode to Conceal Skimmer

October 10, 2024
Reading Time: 2 mins read
in Alerts
Hackers Use Unicode to Conceal Skimmer

Cybersecurity researchers have recently unveiled a sophisticated campaign involving a new digital skimmer dubbed the “Mongolian Skimmer,” which utilizes Unicode obfuscation techniques to conceal its malicious code. This skimmer specifically targets e-commerce platforms, aiming to steal sensitive financial information entered by users during checkout processes. According to researchers from Jscrambler, the heavy use of invisible Unicode characters makes the skimmer’s code particularly challenging for analysts to read and detect, allowing it to operate under the radar of traditional security measures.

At its core, the Mongolian Skimmer leverages JavaScript’s capability to use any Unicode character in identifiers, obscuring its malicious functionality. The primary goal of this malware is to capture sensitive data entered on compromised e-commerce sites, including credit card details and personal identification information, which are then exfiltrated to attacker-controlled servers. The skimmer typically manifests as an inline script on compromised sites, fetching its payload from external servers to maintain stealth and reduce the risk of detection.

In a bid to evade analysis, the Mongolian Skimmer employs techniques to disable specific functions when a web browser’s developer tools are opened. This ensures that analysts cannot easily debug or understand its operations. Furthermore, the skimmer uses well-known compatibility techniques to work across various browsers, employing both modern and legacy event-handling methods. This approach guarantees that it can target a broad range of users, regardless of the browser version, increasing its effectiveness and potential victim pool.

Researchers have also observed an “unusual” loader variant within the skimmer that activates only upon user interaction events, such as scrolling, mouse movements, or touch actions. This functionality not only serves as an effective anti-bot measure but also helps prevent performance bottlenecks that could raise suspicion among users. The research indicates that the Mongolian Skimmer represents a significant evolution in cybercriminal tactics, highlighting the need for e-commerce platforms to bolster their security measures and for consumers to remain vigilant against such threats in their online shopping experiences.

Reference:
  • Hackers Use Unicode Obfuscation to Hide Mongolian Skimmer on E-Commerce Sites
Tags: Cyber AlertsCyber Alerts 2024Cyber threatsCybersecurityE-commerceHackersJavascriptMongolian SkimmerOctober 2024skimmer
ADVERTISEMENT

Related Posts

Glibc Flaw Gives Linux Root Access Risk

Mozilla Urgent Firefox Patch Fixes RCE Flaws

May 19, 2025
Fileless Remcos RAT Delivery Via LNK Files

ModiLoader Malware Targets Windows Users

May 19, 2025
Glibc Flaw Gives Linux Root Access Risk

Glibc Flaw Gives Linux Root Access Risk

May 19, 2025
Fileless Remcos RAT Delivery Via LNK Files

APT28 RoundPress Webmail Hack Steals Emails

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

Fileless Remcos RAT Delivery Via LNK Files

May 16, 2025

Latest Alerts

Mozilla Urgent Firefox Patch Fixes RCE Flaws

ModiLoader Malware Targets Windows Users

Glibc Flaw Gives Linux Root Access Risk

Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

APT28 RoundPress Webmail Hack Steals Emails

Subscribe to our newsletter

    Latest Incidents

    Massive DDoS Hits Poland’s Civic Platform

    Arla Plant Cyberattack Halts Operations

    Georgia’s Harbin Clinic Hit by Data Breach

    Hackers Target Swiss Reserve Power Plant

    Coinbase Insider Attack Exposed User Data

    Cyberattack Hits J Batista Group

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial