A newly discovered credit card skimmer uses an innovative technique to inject highly convincing PayPal iframes and hijack the checkout process on compromised online stores. The new tactic for stealing online shoppers’ payment card information was discovered by Affable Kraut using data from Sansec, a security company focused on fighting digital skimming. The skimmer captures all order form data entered by the victims and exfiltrates it to the attackers’ servers. After stealing the victims’ payment data, it clicks the order button behind the malicious iframe, sending the victim back to the legitimate checkout process.
Source: https://www.bleepingcomputer.com/news/security/credit-card-skimmer-fills-fake-paypal-forms-with-stolen-order-info/

