New Credit Card Skimmer Targets Shoppers

E-commerce businesses are the pivotal point where brands can attract consumers to their products or services. However, with these online stores, a payment gateway must be attached in order for shoppers to purchase goods online. The financial and banking institutions are the main players in credit and debit card payments. Thus, these platforms that offer shopping online, and their clients are the main targets of dark web hackers

Since the invention of the World Wide Web, criminals have plagued online businesses with a host of scams, which includes phishing, ransomware, and even credit cards skimmers scams. In fact, hackers operating from the dark web have always engaged in credit card skimming scams because of the profitability associated with this type of scam. Threat actors that are not as experienced as the more renowned and infamous hacking groups have used skimming scams as a very profitable source of cash.

Credit Card Skimmer Services

Caramel, a new card skimmer is now one of the newly discovered scams launched in 2022. The service is operated and sold by CaramelCorp, which is linked to a Russian cyber crime hacking group. Recently, it was uncovered by the cyber threat intelligence firm DomainTools.

The cyber theft program comes with an exclusive membership with only Russian-speaking hackers welcome to the criminal hacking group. However, novice dark web hackers cannot utilize the software as it employs a strict vetting process to ensure that only hackers of the highest caliber have access to the program.

Caramel offers a very sweet deal in its package that comes neatly packed with a skimmer script. Additionally, a campaign management interface where hackers can easily target their victims. Above all, the hackers are gifted with deployment instructions that make launching the program quite easy.

Caramel Benefits to Hackers

The criminal hackers have to pay a hefty $2,000.00 to get their hands on the skimming device. However, a lifetime membership is afforded to the Russian-speaking hackers. The highly marketed dark web advert even includes several fabulous perks such as anti-detection techniques and lifetime code upgrades. In addition, the sellers also include complete customer relations assistance.

Furthermore, the owner of the program offers its hacking client base a quick start manual on JavaScript methods, which specifically is centered around the program’s content management systems. Also, offered to Caramel’s customers is a tutorial that is geared toward Russian dark web hackers, who are less savvy at applying the technical aspect of the software.

Caramel utilizes a range of evasion techniques to avoid detection because the scripts are written in JavaScript. With that unique capability, the virus operator can monitor the infected e-stores that they have infiltrated with the program. The hackers are also able to configure gateways for receiving stolen data through the administration panel, where they can easily manage the campaign.

The Significance of Caramel

Credit card skimming scam attracts criminal hackers because of the small amount of effort needed to launch a successful campaign. And although it is not one of the more complex scams carried out by hackers; it still has some of the most success rates, which cyber analysts have theorized has caused a new emergence in credit card skimming scams among dark web hacking groups.

With its unique elements and very little effort, the attack paths through JavaScript injection make it relatively simple for eCommerce sites to be frequently targeted by criminals. Especially, websites that lack the proper security features make them more susceptible, as they can be easily detected by the threat actors.

Furthermore, it is easy to use credit card skimming tools to steal and dump stolen data on dark web marketplaces. And as a significantly less expensive form of fraud, this highly rewarding scam can effortlessly lay the groundwork for future wide-scale fraudulent attacks on businesses and consumers.

The Caramel credit card scam has evolved into a popular dark web tool because it is constantly upgraded and marketed through successful marketing campaigns. In addition, the Caramel card skimming tool has transformed card skimmer service scams, it has more advanced capabilities that can accommodate highly successful large-scale campaigns.

Security analysts have warned that more hackers will try to capitalize on Caramel’s robust configuration, which continues to reap success from card skimming scams. eCommerce businesses should set in place security protocols to prevent hacking campaigns carried out by criminal hacking groups from the great Russian Republic, and other countries rife with criminal hackers.