Pipka

Pipka Description

The Pipka malware is a skimmer written in the JavaScript programming language, which was spotted by VISA recently. Skimmers are becoming popular increasingly, as they are rather easy to build. However, despite skimmers, generally speaking, being quite easy to create, they are not as easy to use. It requires the authors of the skimmer to infiltrate a shopping website and plant their tool into the compromised system quietly. The skimmer would be added to the check-out page of the website and serves to collect the payment data of the customers. The Pipka skimmer is not too different from most malware of this class. However, it does have a few interesting features, which are worth mentioning.

Operates Very Silently

The unsafe activity of the Pipka skimmer was spotted on a shopping website from North America initially. The online store in question had dealt with skimmers before, as they had been infiltrated by another threat of this type called the Inter JavaScript skimmer. However, the Pipka skimmer is far-superior regarding its ability to remain under the radar of the site's administrators. The Pipka skimmer has several ways of achieving this:

  • The Pipka skimmer makes sure to wipe out all traces of its unsafe activity from the compromised host. The source code of the infiltrated check-out page will not contain any remnants of the Pipka skimmers' corrupted code.
  • To exfiltrate the collected data the HTML tag utilizes the ‘onload’ property. This property is used to execute JavaScript code when the tag in question is loaded. The cybercriminals use this technique to collect the gathered data. Lastly, they execute a segment of JavaScript code, which erases the tag without reloading the compromised Web page. This, in essence, makes the entire process very efficient and discreet.

The data that the attackers can collect is very diverse. However, for now, the authors of the Pipka skimmer have opted to concentrate on collecting the clients' names, addresses, and information about their credit cards such as the credit card number, the CVV code and the expiration date. It is clear that this is a very serious breach into one's privacy and can end up as a catastrophe for many users.
Online merchants need to be very careful as breaches like this can cost their customers dearly, and it is their responsibility to keep their clients safe.