MakeFrame

The MakeFrame threat is a brand-new digital skimmer that is targeting online stores worldwide. So far, malware researchers report that there are at least 19 hosts who have fallen victim to the MakeFrame digital skimmer. Digital skimmers like the MakeFrame threat operate by compromising an online store and infiltrating the check-out page. Website administrators may not even notice that there is anything wrong, as well-built skimmers operate very silently. This means that the skimmer may be operating quietly for months without the customers or the administrators of the page noticing. By infiltrating the check-out page of a website, digital skimmers are able to collect the payment information of the users.

After spotting and analyzing the MakeFrame skimmer, cybersecurity experts found some uncanny similarities with an older digital skimmer, which was often used by a hacking group known as Magecart. It would appear that the MakeFrame digital skimmer has different copies lurking the Web. Some of the variants appeared to be running for testing purposes - they prioritized logging their actions and activity. This is usually done when malware developers are trying out new features or attempting to identify and remove bugs. In the meantime, other versions of the malware were trying to be as silent as possible by leaving almost no artifacts behind them. Some of the MakeFrame skimmer copies were obfuscated heavily to evade detection. However, there have been variants that were not as complex and had been injected via JavaScript code.

The MakeFrame digital skimmer has a rather wide reach – it can go after various payment processors and a long list of credit cards. Most skimmers may simply connect to the attackers' C&C (Command & Control) server and transfer the collected data. However, the MakeFrame skimmer takes a different, more obfuscated approach. The MakeFrame threat will transfer all the collected payment information to another infected server. This is where the data is stored until the authors of the MakeFrame skimmer download it manually. This helps the creators of the MakeFrame digital skimmer remain unidentified.

Digital skimmers like the MakeFrame threat can cause huge financial losses for the compromised website’s customers and ruin the reputation for the website itself. Needless to say, digital skimmers are very threatening and should be taken by website administrators very seriously.