Cloud Video Platform Used By Cybercriminals to Steal Payment Information

Threat actors used an unnamed cloud video hosting service to inject malicious scripts into over 100 real estate websites owned by the same holding company. The goal of this supply chain attack was to steal private information contained in website forms.

These malicious scripts, also known as skimmers, are becoming increasingly popular and are often injected into compromised websites in order to steal sensitive data provided by users on the targeted website. Skimmers are frequently used on checkout pages for online stores to steal payment information.

How Does the Attack Work?

According to BleepingComputer, Palo Alto Networks Unit42 spotted a new chain attack in which hackers were exploiting a cloud video platform feature to inject skimmer code into a video player. The moment a website embeds that player, the malicious script is also embedded, compromising the site.

It appears that the supply chain attack was highly effective since more than 100 websites have been impacted by the operation, according to the cybersecurity company. The researchers alerted the cloud video provider and assisted the compromised websites in removing the malicious code.

The cloud video hosting service used in the attack enables users to create video players that may be customized with custom

Read More: