Q-logger Skimmer Targets Small Online Stores
The MageCart gang executed one of the largest online attacks to involve the use of digital scammers. By compromising ecommerce websites, the criminals were able to plant malicious code that harvests the payment data of customers in the background. Of course, neither the customers, nor the shop's owners are aware that this is happening. Since then, dozens of other cybercrime gangs have been experimenting with various digital skimmers that share similarities with the MageCart code. The latest threat to behave in such a manner is the Q-logger Skimmer.
Keep in mind that in order for the Q-logger Skimmer to affect an ecommerce website, the criminals must find a vulnerability that would allow them to modify the contents of the site's pages. Typically, they achieve this by phishing for administrator credentials, or using exploits for outdated software and components. Once they have administrator permissions to edit the website's contents, they can either inject the malicious code directly in the page, or load it from an external resource through a single line of code. The Q-logger Skimmer operators rely on the latter method to load a single JavaScript file containing all of the malicious code.
Q-logger Skimmer Operators Focus on Outdated Magento Stores
Naturally, the code of the Q-logger Skimmer is not presented in a readable manner. Its creators use heavy obfuscation to prevent people from basic JavaScript knowledge from seeing the file and uncovering its secrets. It takes a lot of time, effort, and knowledge to separate the useless obfuscated code from the core features of the Q-logger Skimmer.
Currently, the Q-logger Skimmer operators are targeting almost exclusively Magento stores. Judging by the infected websites, it seems that they are all running outdated Magento versions, which have exploitable vulnerabilities. Protecting yourself and your customers from this attack is easy – simply make sure to update your software regularly.
If you are a customer who wants to stay safe from such attacks, we advise you to stick to shopping from reputable and trustworthy sources. Campaigns like the Q-logger Skimmer one usually go after small online stores.