Stripe Skimmer Shenanigans: How Cyber Thieves Are Upping Their Game with Old APIs

Threat hunters have uncovered a dastardly web skimmer campaign using Stripe’s legacy API to validate stolen payment info. It’s the criminal equivalent of checking if a stolen car has enough gas before taking off! 49 merchants are impacted, and the attackers even accept Bitcoin, Ether, and other cryptocurrencies. Now that’s modern thievery!

3P
Published: April 3, 2025 4:52 amAdded: April 2, 2025 at 9:57 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

It seems even hackers have a knack for quality control these days! Who knew cybercriminals had such high standards for their data? They’re not just any skimmers; they’re connoisseurs of card data.

Key Points:

  • Threat hunters uncover a sophisticated web skimmer campaign using a legacy API from Stripe.
  • 49 merchants have been affected, with only 15 acting to remove the malicious scripts.
  • The campaign uses the deprecated “api.stripe[.]com/v1/sources” endpoint to validate stolen card data.
  • Threat actors exploit vulnerabilities in platforms like WooCommerce, WordPress, and PrestaShop.
  • Skimmers also mimic payment forms from other providers and even support cryptocurrency options.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?