Threat Actors Abusing 404 Pages to Hide Card Stealing Malware

A sophisticated web skimming campaign has been detected, targeting several food and retail sectors. It employs three complex concealment strategies, including hiding malicious code in the 404 error page. The attack involves loading malicious Javascript code onto websites which, can disrupt the checkout process, inject false forms and steal data. A report by Akamai details the campaign and reveals that three different versions have been used to avoid detection.