A recent update reported that an online skimming scheme that intercepts and steals payment card details is taking deeper root in e-commerce websites.
Dutch researcher Willem de Groot first discovered the malicious JavaScript that was specifically crafted for the purpose last year. In 2015, he found around 3,500 stores infected with the malware.
Instead of improving though, the report said the situation has worsened. As of last count last September, almost 6,000 merchants were found to be carrying the skimming software.
De Groot explained in a blog post that the worsening situation indicates that this kind of activity can carry on undetected for months. His research further suggests that the scheme is the handiwork of several groups. Specifically, he said, last year, the variants showed they came from the same malware code. However, current tracks show that they now come from three distinct malware families amounting to nine variants.
"The first malware just intercepted pages that had checkout in the URL," de Groot explained. "Newer versions also check for popular payment plugins such as Firecheckout, Onestepcheckout, and Paypal."
On the bright side, some online merchants are taking action to eliminate the malware. A report says that in a two day period, more than 300 stores have fixed their payment systems. Still, 170 new stores were hacked in the same time frame.
