Blueliv Intelligence Briefing

Your cybersecurity news summary

Monday,   September 7th,   2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Visa alert: Baka credit card JavaScript skimmer

Baka is a sophisticated e-skimmer developed by a skilled malware developer that implements a unique obfuscation method and loader. The Baka loader works by dynamically adding a script tag to the current page that loads a remote JavaScript file. The JavaScript URL is hardcoded in the loader script in encrypted format, experts observed that the attackers can change the URL for each victim. The e-skimmer payload decrypts to JavaScript written to resemble code that would be used to render pages dynamically. The final payload and the loader use the same encryption method, once executed, the software skimmer steals the payment card data from the checkout form. Learn more >

Demo Free Trial MSSP