Following the new about a piece of research from Sucuri, which revealed that hackers are hiding stolen payment card data inside website product images, Mark James, security specialist at ESET commented below.
Mark James, Security Specialist at ESET:
“Attacks that are capable of returning an immediate gain like credit cards or financial information are always on the rise. The ability to see the fruits of your labours encourage new and better ways to hack those sites that hold this valuable information.
Once stolen its fairly easy to identify credit card numbers in plain text files, they are fairly unique in their structure, and the bad guys are looking for ways to move this data without it being picked up by the average software scanning for those items. If you embed the information inside an image file you have a fairly standard container that is seen in so many aspects of our digital world. Nobody takes any notice of an image file especially if it actually displays the image with no problems, this enables attackers to send those details to almost anywhere unhindered.
Keeping your website safe against these types of hacks could be as simple as making sure your website is running the very latest version of its software. Keeping our systems up to date is very important in all aspects of our digital footprint, not just operating systems, but the applications that are running on them. With so many avenues available for attack it is imperative we monitor, maintain and update all the software we possibly can. If you are unable to update due to manufacturers restraints then you should consider using an alternative program that does include regular updates.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…