Malwarebytes Lab announced a new method they have discovered, a web skimmer can be hidden behind a favicon, an image file displayed on the browser’s tab. With this method, hackers aim to deceive online shoppers while staying under the radar from website administrators and security scanners.
No extra code
Malwarebytes Lab researchers noticed that the website used by the hackers is registered a few days ago and its server’s IP address was previously identified as malicious. Icons on the website are stolen from a legitimate site named iconarchive. Malwarebytes Lab stated that the images were properly formatted and no extra codes can be found inside.