Home Cyber Security Hackers use a website’s favicon to hide web skimmer

Hackers use a website’s favicon to hide web skimmer


We have seen some very cleverly done hacking techniques to date and everyone is left to wonder how it is possible to catch such hacking attempts. One such hacking report has just been published and there is nothing but to be impressed by such an innovative hacking pattern that is impossible to find out until it is. This hacking incident is also said to be one of the most unique and innovative hacking campaigns in a long while. According to the report and details regarding the campaign, it is known that hackers made a fake icon hosting website.

In reality, this website was made to insert malicious code in order to steal payment card data from hacked websites. As per the researchers understanding such incidents, this technique is also known as web skimming, e-skimming or Magecart attack. ZDNet reveals that “US-based cybersecurity firm Malwarebytes said it detected one such group taking its operations to a whole new level of sophistication with a new trick.”

It is known that this fake icon hosting website is myicons.net so if you are using or have used such this website to get your favicons then replace them as soon as possible before the damage is done. Malwarebytes, in its report, also revealed that “web skimming code was still loaded on hacked sites, and there was clearly something strange with the new favicon.”

For those who are unaware of website icons, a favicon is that small icon you see on the browser tabs and it is different from the website logo. However, you still need to have the favicon hosted on your internal code for the website which means there is a chance you can hack the website from there as well. And this is what the hackers exploited and it is something that most users won’t even notice.