The MakeFrame threat is a brand-new digital skimmer that is targeting online stores worldwide. So far, malware researchers report that there are at least 19 hosts who have fallen victim to the MakeFrame digital skimmer. Digital skimmers like the MakeFrame threat operate by compromising an online store and infiltrating the check-out page. Website administrators may not even notice that there is anything wrong, as well-built skimmers operate very silently. This means that the skimmer may be operating quietly for months without the customers or the administrators of the page noticing. By infiltrating the check-out page of a website, digital skimmers are able to collect the payment information of the users.
The MakeFrame digital skimmer has a rather wide reach – it can go after various payment processors and a long list of credit cards. Most skimmers may simply connect to the attackers' C&C (Command & Control) server and transfer the collected data. However, the MakeFrame skimmer takes a different, more obfuscated approach. The MakeFrame threat will transfer all the collected payment information to another infected server. This is where the data is stored until the authors of the MakeFrame skimmer download it manually. This helps the creators of the MakeFrame digital skimmer remain unidentified.
Digital skimmers like the MakeFrame threat can cause huge financial losses for the compromised website’s customers and ruin the reputation for the website itself. Needless to say, digital skimmers are very threatening and should be taken by website administrators very seriously.