Hundreds of Fake Online Shoe Stores Injected With Credit Card Skimmer To Steal User Card Details

Hundreds of online web stores that sell counterfeit goods are affected by credit card skimmer that aimed to steal the customer credit card details.

Several counterfeit online shoe stores offer great deals for the popular brands, most of them are a fraud and these fraud stores attract another fraudulent activity now.

Credit Card Skimmer Injected on Online Shoe Stores

Malwarebytes identified a number of fraudulent sites that selling branded shoes that are infected with the credit card skimmers.

These skimmers get injected with the checkout page of the stores and they are capable of grabbing a credit card and personal details entered in the checkout pages of the website. The injected skimmers collect the details from the checkout pages and sent them to the attacker-controlled websites.

The fraudulent sites receive traffic from forums and through social media, “Crooks troll sporting and fitness forums and leave messages to entice users to visit the fake store.”

Here you can find some of the counterfeit site ads that selling popular brand stores such as Adidas, Nike, and other big brand name sneakers.

The obfuscated skimmer found to be injected with several Magento stores and the stolen data including billing addresses and credit card numbers is sent to a server hosted in China 103[.]139[.]113[.]34.

All the websites compromised are exploited using the same outdated software Magento under 1.9.4.2 and PHP under 5.6.40. “It’s likely a malicious scanner simply crawled those IP ranges and used the same vulnerability to compromise every one of those counterfeit sites.”

It is always recommended to buy the tickets from the official website, venue’s box office, reputable ticketing website or through official agent or partner.

Beware of the Fake apps and websites that promise you to get additional discounts, these bogus apps may enter into official play store also, be careful while installing those apps.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates