Europol and ENISA spotted 443 e-stores compromised with digital skimming

Europol and ENISA spotted 443 e-stores compromised with digital skimming

Pierluigi Paganini
December 24, 2023

A joint law enforcement operation led by Europol and the ENISA, along with private security firms, identified 443 online shops compromised with digital skimming.

Europol, ENISA, and private security firms Group-IB and Sansec collaborated in a joint law enforcement operation, uncovering 443 online shops affected by digital skimming. The operation is part of EMPACT priority, a law enforcement activity targeting the criminals behind online fraud schemes.

The term digital skimming refers to the criminal practice of harvesting payment information of visitors of a website during checkout. Crooks use to exploit vulnerabilities in e-commerce platforms and CMSs to inject the skimming script into the page of the e-store. In some cases, attackers can exploit vulnerabilities in installed third-party plugins and themes to inject malicious scripts.

Europol, with the support of national Computer Security Incident Response Teams (CSIRT), notified the compromised online merchants and their customers.

“Europol is participating in the digital skimming action with the aim of informing affected e-commerce platforms and other online merchants that they have been unintentional points of compromise for such stolen payment data.” reads the press release published by Europol. “Europol, national law enforcement authorities, national Computer Security Incident Response Teams and trusted private industry partners identify affected online merchants and provide technical support to these platforms to resolve the issues and protect future customers.”

Europol, along with national law enforcement, Computer Security Incident Response Teams (CSIRTs), and private industry partners, also offer technical support to resolve issues and secure impacted websites.

The operation allowed the identification of 23 families of JS-sniffers, including ATMZOW, health_check, FirstKiss, FakeGA, AngryBeaver, Inter, and R3nin.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, digital skimming)

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts