Numerous Google Tag Manager-Based Skimmers Have Infected Hundreds of eCommerce Domains


Security researchers with Recorded Future have identified a total of 569 eCommerce domains infected with skimmers, 314 of which have been infected with web skimmers leveraging Google Tag Manager (GTM) containers.

The legitimate Google service GTM, which is typically used for marketing and usage tracking, relies on containers to embed JavaScript and other types of resources into websites. However, hackers are taking advantage of GTM containers to inject HTML or JavaScript code into the websites that make use of Google’s service. All 569 of the e-commerce sites that had skimmers on them were somehow connected to GTM misuse.

Data from the remaining 255 has been exfiltrated to sites related to GTM container exploitation, despite the fact that 314 have been infected with a GTM-based skimmer.

Read More: Hundreds of eCommerce Domains Infected With Google Tag Manager-Based Skimmers

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.