CoffeMokko JS-sniffer

Shopping online is a practice that is growing more and more since one can find good offers from the comfort of their home offices or even business offices and receive the purchased goods at home and quickly. Regretfully, the criminals also saw in it a good opportunity for them to use their threatening tools to attack online vendors and gather data that will be used to perform illicit action. The CoffeMokko JS-sniffer is one of these tools that belongs to a big family of JS-sniffers, which have members such as the MagentoName JS-sniffer, the GetBilling JS-sniffer, and many others, all of them created to invade e-commerce websites to collect payment data from their customers. JS-sniffers can be rented as a service on the Black market and since it doesn't require too much skill to be handled, anyone looking for easy money, no mattering if was illicit or not, can rent it and start attacking business all around the globe.

The CoffeMokko JS-sniffer was responsible for 11% of the infected point-of-sales (92,440 websites) and giants such as Paypal, and other popular vendors were affected by it. Security researchers have warned the administrators of these online vendors to keep their software always up-to-date and have severe security measures implanted since the most used way to invade computers is through vulnerabilities that usually can be fixed easily. Online shoppers also can help to reduce these unfair practices by checking their credit cards statements and reporting any irregular occurrence immediately after discovering it.