Fake Google Domains Used in Evasive Magento Skimmer

Fake Google Domains Used in Evasive Magento Skimmer

We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings.

Our investigation revealed that the site had been infected with a credit card skimmer loading JavaScript from the malicious internationalized domain google-analytîcs[.]com (or xn--google-analytcs-xpb[.]com in ASCII):

The malicious user purposely selected the domain name with the intention of deceiving unsuspecting victims.

Continue reading Fake Google Domains Used in Evasive Magento Skimmer at Sucuri Blog.

Via Sucuri.net

Tags: ,

No comments yet.

Leave a Reply