Advancing technologies gave rise to new forms of hacks. A recent approach by a bunch of hackers called steganography, where the attackers are hiding malicious code under legitimate images and implanting them in e-commerce sites to steal sensitive credit card data.
Why Under Images?
How To Find?
Analysing the malformed image under Hex Editor shows some extra data is added after the final segment. Strings such as onestepcheckout or authorizenet confirm these code being malicious and purposed for skimming. Malwarebytes result that most of the hacked sites were infected with steganographic images, implanting the code at either footer tags or Google Tag Manager.