Visa: New Baka Skimmer Designed to Avoid Detection
#1
Information 
Quote:Visa has issued a warning about new digital skimming malware with a sophisticated design intended to circumvent detection by security tools.
 
The card giant said its Payment Fraud Disruption (PFD) group first discovered the “Baka” skimmer in February whilst analyzing a command and control (C2) server associated with the ImageID variant. PFD subsequently founded seven servers hosting the Baka skimming kit.
 
“While the skimmer itself is basic and contains the expected features offered by many e-commerce skimming kits (e.g. data exfiltration using image requests and configurable target form fields), the Baka skimming kit’s advanced design indicates it was created by a skilled developer,” it said.
 
“The skimmer loads dynamically to avoid static malware scanners and uses unique encryption parameters for each victim to obfuscate the malicious code. PFD assesses that this skimmer variant avoids detection and analysis by removing itself from memory when it detects the possibility of dynamic analysis with developer tools or when data has been successfully exfiltrated.”
 
It’s currently unclear just how widespread the threat is. Visa said that it has identified the malware on “several” merchant websites around the world using its eCommerce Threat Disruption (eTD) capabilities.
 
However, the firm issued several recommendations for e-commerce providers including: regular scans for C2 communications, close vetting of third-party code and Content Delivery Networks (CDNs), regular website scanning and testing for malware an vulnerabilities, regular patching of shopping cart and other software and web application firewalls (WAFs) to block malicious traffic.
 
Visa also recommended merchants to restrict access to administrative portals, deploy two-factor authentication and to consider using a fully hosted checkout solution separate from the main e-commerce site.

Read more: https://www.infosecurity-magazine.com/ne...-designed/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Kali Linux 2026.2 Released With 9 New To...
Offensive Security...harlan4096 — 08:28
INTEL Arc Graphics 32.0.101.8860 driver
INTEL Arc Graphics...harlan4096 — 08:19
Thunderbird 152.0.1 & Thunderbird 140.12...
Thunderbird 152.0....harlan4096 — 07:59
ESET 19.2.7.0
Changes in 19.2.7....harlan4096 — 07:45
Mozilla Firefox Browser 152.0.4
Mozilla Firefox Br...harlan4096 — 07:44

[-]
Birthdays
Today's Birthdays
avatar (43)uapedDow
avatar (47)suiscced
avatar (48)Angarpaf
avatar (41)clarissalo60
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (41)optsaZes
avatar (40)RaymondViata
avatar (40)ywixazok
avatar (38)ixoqe
avatar (56)Step 1
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>