New JavaScript Skimmer ‘Pipka’ Targeting eCommerce Merchants
released on 2019-11-15 @ 03:17:23 AM
In September 2019, Visa Payment Fraud Disruption’s (PFD) eCommerce Threat Disruption (eTD) program
identified a new JavaScript skimmer that targets payment data entered into payment forms of eCommerce
merchant websites. PFD is naming the skimmer Pipka, due to the skimmer’s configured exfiltration point at
the time of analysis (as shown below in the Pipka C2s).