Inter

In the past, the term skimming used to be linked to crooks collecting credit card data from ATMs (Automated Teller Machines) exclusively. The operation would be carried out by the criminals installing a well-masked piece of hardware onto an ATM and then gathering the sensitive credit card data of users who use the machine. However, cyber crooks also have taken an interest in skimmers, and a new malware has been developed, which is often referred to as online skimming. Usually, an online skimmer would consist of a difficult to detect JavaScript code that is injected into the check-out page of an online store. Of course, the online skimmer would not change the interface or functionality of the compromised website, and users will be oblivious to its unsafe activity. This allows the operators of the online skimmer to collect the credit card information of the site’s clients and exploit it however they please. One of the newest online skimmers detected is called Inter.

Sold for $1,300

It became apparent quickly that the Inter skimmer is being sold as a tool on hacking forums. This means that anyone who is willing to pay can get their hands on the Inter skimmer and start collecting credit card information from compromised sites. The creators of the Inter skimmer are selling it for $1,300, and the shady individuals who buy this tool will be able to use all its features. However, let’s not forget that to utilize the skimmer’s features, its operator will have first to infiltrate a website.

Consists of Several Modules

The Inter skimmer consists of various modules, which perform similar but yet different tasks. The Inter skimmer has a loader module, the goal of which is to make sure that the tool is launched successfully. The Inter skimmer is capable of detecting if it is being run in a sandbox environment and would cease operating if the test returns positive. This skimmer also operates only after it performs a test that determines if the Web page is fully loaded. This test is carried out every 0.5 seconds until it returns a positive result.

Utilizes Two Methods to Collect Credit Card Data

To achieve its final goal, which is to collect credit card information, the Inter skimmer can utilize two different approaches. It can look for HTML tags such as ‘select,’textarea,’ and ‘input’ and try to collect the information linked to it. Alternatively, the Inter skimmer can try and trick the users into filling in their payment information into a bogus form, which would expose all the victim’s credit card details to the operators of the tool. The collected data is then exfiltrated to the server of the Inter skimmer’s operators. The authors of the Inter skimmer claim that their tool is compatible with 18 large payment providers. They also state that they will continue to expand the reach of the Inter JavaScript skimmer and thus weaponize it further.

The fact that the Inter skimmer costs $1,300 means that not many shady actors will be able to afford this pricey tool. However, the Inter skimmer is capable of causing great damage. Shopping websites need to take more care of their customers and be extra vigilant about their platform’s security.