MalwareBytes reports that hackers are using a new trick to skim credit card data form websites using a skimmer hidden inside image metadata.
We found skimming code hidden within the metadata of an image file (a form of steganography) and surreptitiously loaded by compromised online stores. This scheme would not be complete without yet another interesting variation to exfiltrate stolen credit card data. Once again, criminals used the disguise of an image file to collect their loot.
A devious, clever hack.
Check It Out: Hackers Hide Credit Card Web Skimmer Inside Image Metadata