In the last five years, JavaScript sniffers have grown into one of the most dangerous threats for e-commerce businesses. The simple nature of such attacks combined with the use of malicious JavaScript code for intercepting payment data attract more and more cybercriminals, and JS-sniffers became one of the most prominent sources of stolen bank cards on underground markets.
In July 2020, Sansec published an article about the attacks on US and European online shops with the use of JavaScript sniffers (JS-sniffers). The researchers attributed the "clientToken=" campaign to the North Korean APT called Lazarus (aka Dark Seoul Gang, HIDDEN COBRA, Guardians of Peace, APT38, APT-C-26, Labyrinth Chollima, Zinc, Bluenoroff, Stardust Chollima). ...read more!
