Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards
On Monday, researchers reported that hackers are exploiting Google’s Analytics service to steal credit card information from compromised e-commerce sites. Kaspersky, Sansec, and PerimeterX all published reports claiming that attackers are injecting data-stealing code onto the infected sites along with a Google Analytics tracking code for their own account. This allows the threat actors to exfiltrate payment information entered by customers, even when security policies are enforced.
Kaspersky stated that it uncovered roughly two dozen infected websites across Europe, North America, and South America. The compromised e-commerce sites specialize in selling digital equipment, cosmetics, spare parts, and food products. The success of the attacks is contingent on e-commerce sites using Google’s web analytics service for tracking visitors and having whitelisted the associated domains in their content security policy.
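A defender-side check for the condition described above, as an added example that is not from the original article or the cited reports: it reports which CSP directives allow Google Analytics hosts and lists any Analytics property IDs in page source that the site does not own. The host list, the ID pattern, and the sample policy and page are constructed assumptions, and an obfuscated ID will not be caught by this static scan.

```python
import re

# Assumptions for this example: collection hosts and property-ID formats.
GA_HOSTS = {"www.google-analytics.com", "ssl.google-analytics.com"}
FETCH_DIRECTIVES = ("connect-src", "img-src", "script-src", "default-src")
GA_ID_RE = re.compile(r"\b(UA-\d{4,10}-\d{1,4}|G-[A-Z0-9]{6,12})\b")

# Constructed sample inputs (not taken from any real site).
SAMPLE_CSP = (
    "default-src 'self'; script-src 'self' https://www.google-analytics.com; "
    "img-src 'self' https://www.google-analytics.com; connect-src 'self'")
SAMPLE_PAGE = """
<script>ga('create', 'UA-11111111-1', 'auto');</script>
<script>var t = 'UA-99999999-9'; /* constructed: ID the site does not own */</script>
"""

def parse_csp(header):
    """Return {directive: [sources]}; the first occurrence of a directive wins."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens:
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

def source_matches(source, host):
    """True if a CSP source expression permits requests to host."""
    if source.lower() in ("*", "https:"):
        return True
    src = re.sub(r"^[a-z][a-z0-9+.-]*://", "", source.lower()).split("/")[0].split(":")[0]
    if src.startswith("*."):
        return host.endswith(src[1:])
    return src == host

def directives_allowing_ga(header):
    """Directives whose source list lets the page talk to a GA host."""
    policy = parse_csp(header)
    return sorted(
        d for d in FETCH_DIRECTIVES
        if any(source_matches(s, h) for s in policy.get(d, []) for h in GA_HOSTS))

def unexpected_ga_ids(page_source, expected_ids):
    """GA property IDs present in the page that are not in the site's own set."""
    return sorted(set(GA_ID_RE.findall(page_source)) - set(expected_ids))

if __name__ == "__main__":
    print("CSP allows GA via:", directives_allowing_ga(SAMPLE_CSP))
    print("Unknown GA IDs:", unexpected_ga_ids(SAMPLE_PAGE, {"UA-11111111-1"}))
```

A host-based allow-list cannot tell one Analytics account from another, so the property-ID comparison is the part that distinguishes the site's own tracking from someone else's.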