The concept of hiding malicious code within image files isn’t exactly new, but this could possibly be the first time that researchers have seen this concept used to hide virtual credit card skimmers. According to the researchers at Malwarebytes, this code seems to be commonly found on favicons (these are icons you see on browser tabs to depict the website that’s in the tab).
When used together with a compromised storefront, it would allow the hacker to steal information from the user such as their name, address, as well as credit card information. For now, it seems that hackers are targeting the WooCommerce plugin for WordPress due to it having a pretty large market share.
While stealing credit card information isn’t a new hack, the fact that hackers have found a new way to hide their activity has made it much more dangerous, so do keep this in mind the next time you shop online.