Casio UK Website Compromised by Web Skimmer

💳🕵️‍♂️ Casio UK website compromised by sophisticated web skimmer. A web skimmer infected the Casio UK website and 16 other sites, altering payment flows to harvest user information, according to Jscrambler. Active from January 14 to January 24, the skimmer uniquely targeted all pages except the checkout, misleading users with a fake payment form that collected personal and credit card details before redirecting them to the legitimate checkout page. The attack exploited a weak content security policy that only logged events without preventing the infection. Jscrambler noted that all 17 infections shared similar skimmer code and were hosted on the same Russian server, indicating a coordinated effort by the threat actor.

Source

Original