The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to a third-party server controlled by the attackers.
Though popular with bad actors, one of the drawbacks of this approach is that it’s possible to track requests to suspicious servers if you monitor the traffic generated by checkout pages — or any other infected pages.
A lesser-known, but still very popular, type of skimmer can instead be found harvesting information server-side.
Continue reading Evasion Tactics in Hybrid Credit Card Skimmers at Sucuri Blog.
Source: Sucuri
