We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings.
Our investigation revealed that the site had been infected with a credit card skimmer loading JavaScript from the malicious internationalized domain google-analytîcs[.]com (or xn--google-analytcs-xpb[.]com in ASCII):
//google-analytîcs.com/www.%5Bredacted%5D.com/3f5cf4657d5d9.js
The malicious user purposely selected the domain name with the intention of deceiving unsuspecting victims.
Continue reading Fake Google Domains Used in Evasive Magento Skimmer at Sucuri Blog.
Source: Scuri check
You must log in to post a comment.