Hackers are abusing Google Analytics so that they can more covertly siphon stolen credit card data out of infected ecommerce sites, researchers reported on Monday.
Payment card skimming used to refer solely to the practice of infecting point-of-sale machines in brick-and-mortar stores. The malware would extract credit card numbers and other data. Attackers would then use or sell the stolen information so it could be used in payment card fraud.
More recently, these sorts of attacks have expanded to use against ecommerce sites after hackers have compromised them. Hackers use the control they gain to install unauthorized code that runs deep inside the back-end system that receives and processes payment card date during an online transaction. The malicious code then copies the data.
Read 8 remaining paragraphs | Comments
Source: Ars Technica – Crooks abuse Google Analytics to conceal theft of payment card data