
Stripe iframe skimmer campaign targets payment processors

First reported
Last updated
📰 1 unique source, 1 article

Summary


A sophisticated skimmer campaign targeting Stripe iframes has compromised 49 merchants since August 2024. Attackers use malicious overlays to bypass iframe security and steal credit card data. The campaign exploits vulnerabilities in the host pages to inject malicious JavaScript, replacing legitimate iframes with pixel-perfect replicas. The attack leverages deprecated Stripe APIs for real-time card validation, making the theft undetectable to customers. This campaign highlights the growing threat of iframe exploitation, with 18% of websites running tools like Google Tag Manager within payment iframes, creating significant security risks. The campaign underscores the need for active monitoring and robust security measures to protect payment iframes, as traditional defenses like CSP and X-Frame-Options are insufficient.
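One way to implement the active monitoring the summary calls for, as an added example that is not code from the cited report or from Stripe. It audits a snapshot of the checkout page's iframes for a swapped or overlaid payment frame. The allowed origin `https://js.stripe.com`, the function names, the mount-container selector and the sample snapshots are assumptions made for illustration.

```javascript
// Added example: audit checkout iframes for a swapped or overlaid payment frame.
// Assumption: the legitimate payment frame is served from https://js.stripe.com.
const ALLOWED_ORIGINS = new Set(["https://js.stripe.com"]);

function originOf(src) {
  try { return new URL(src).origin; } catch { return null; } // empty or relative src
}

function overlaps(a, b) {
  return a.left < b.right && b.left < a.right && a.top < b.bottom && b.top < a.bottom;
}

// frames: [{ id, src, rect: {left, top, right, bottom}, inPaymentContainer }]
function auditPaymentFrames(frames) {
  const isTrusted = (f) => ALLOWED_ORIGINS.has(originOf(f.src)); // exact origin, not substring
  const trusted = frames.filter((f) => isTrusted(f) && f.inPaymentContainer);
  const findings = [];
  for (const f of frames.filter((x) => !isTrusted(x))) {
    if (f.inPaymentContainer) {
      findings.push({ id: f.id, reason: "untrusted-frame-in-payment-container" });
    } else if (trusted.some((t) => overlaps(f.rect, t.rect))) {
      findings.push({ id: f.id, reason: "untrusted-frame-overlays-payment-frame" });
    }
  }
  if (trusted.length === 0) findings.push({ id: null, reason: "payment-frame-missing" });
  return findings;
}

// Browser wiring (hypothetical helper): re-audit on every relevant DOM mutation.
function watchCheckout(containerSelector, report) {
  const container = document.querySelector(containerSelector);
  const snapshot = () => [...document.querySelectorAll("iframe")].map((el, i) => ({
    id: el.id || `iframe-${i}`, src: el.src, rect: el.getBoundingClientRect(),
    inPaymentContainer: !!container && container.contains(el),
  }));
  const run = () => { const found = auditPaymentFrames(snapshot()); if (found.length) report(found); };
  new MutationObserver(run).observe(document.documentElement, {
    childList: true, subtree: true, attributes: true, attributeFilter: ["src", "style", "class"],
  });
  run();
}

// Constructed sample snapshots (hostnames and paths are made up for this example).
const box = { left: 100, top: 300, right: 500, bottom: 340 };
const legit = { id: "stripe", src: "https://js.stripe.com/v3/constructed-sample.html", rect: box, inPaymentContainer: true };
const replica = { id: "replica", src: "https://js.stripe.com.cdn-pay.example/card.html", rect: box, inPaymentContainer: true };
const overlay = { id: "overlay", src: "about:blank", rect: box, inPaymentContainer: false };
const SAMPLES = { clean: [legit], swapped: [replica], overlaid: [legit, overlay] };
if (typeof document === "undefined") { // outside a browser, run the audit on the samples
  for (const [name, frames] of Object.entries(SAMPLES)) console.log(name, auditPaymentFrames(frames));
}
```

The audit inspects iframes only, so a replica built from plain input elements is caught here only when the legitimate frame has been removed and `payment-frame-missing` fires.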

Timeline

  1. 24.09.2025 14:03 📰 1 article · ⏱ 4h ago

    Stripe iframe skimmer campaign compromises 49 merchants

    Since August 2024, a sophisticated skimmer campaign has targeted Stripe iframes, compromising 49 merchants. Attackers use malicious overlays to bypass iframe security and steal credit card data. The campaign exploits vulnerabilities in the host pages to inject malicious JavaScript, replacing legitimate iframes with pixel-perfect replicas. The attack leverages a deprecated Stripe API for real-time card validation, making the theft undetectable to customers. This campaign highlights the growing threat of iframe exploitation, with 18% of websites running tools like Google Tag Manager within payment iframes, creating significant security risks.


Information Snippets