Skimmers in Images & GitHub Repos

Skimmers in Images & GitHub Repos

MalwareBytes recently shared some information about web skimmers that store malicious code inside real .ico files.

During a routine investigation, we detected a similar issue. Instead of targeting .ico files, however, attackers chose to inject content into real .png files — both on compromised sites and in booby trapped Magento repos on GitHub.


Our security analyst Keith Petkus found this piece of malware injected on a compromised Magento 2.x site.

Continue reading Skimmers in Images & GitHub Repos at Sucuri Blog.

Leave a Reply

Your email address will not be published. Required fields are marked *


Tap To Call