Hackers misused Google Apps Script to steal credit cards details

Google Apps

Security researchers have discovered a new payment info theft tactic where attackers are misusing Google’s Apps Script business application development platform to steal credit card details submitted by customers of e-commerce websites while shopping online.

Google Apps Script is a rapid application development platform that makes it fast and easy to create business applications that integrate with Google Workspace. Users can write code in modern JavaScript and have access to built-in libraries for favorite Google Workspace applications like Gmail, Calendar, Drive, and more

Credit card skimmers also known as Magecart scripts or payment card skimmers) are JavaScript-based scripts injected by cybercrime groups known as Magecart groups injected into hacked online stores as part of web skimming (also known as e-skimming) attacks. Once deployed, the scripts allow the attackers to harvest the personal information, credit card details and payment transactions submitted by the hacked shops’ customers and collect it on servers under their control.

By Hrithik Lall

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.

This site is under maintenance,
some features might not work!!!