The Kritec skimming campaign      , carried out by a group of hackers known as Magecart , is a highly sophisticated operation that targets online shoppers . This campaign was first identified by Akamai in March 2023 and experienced increased activity in October, specifically targeting the holiday shopping season to take advantage of the rise in online transactions.
Malwarebytes threat researchers have observed a significant increase in newly registered domains associated with Kritec  , with a 50% month-over-month rise in the US since September . This indicates a surge in compromised sites and an increased risk for innocent shoppers to become victims of this skimming campaign . The infrastructure behind the campaign is located on the IT WEB LTD network in the British Virgin Islands .
To protect against credit card skimming , it is advised to carefully scrutinize smaller merchants, conduct website audits, and utilize security tools like Malwarebytes Premium and Malwarebytes Browser Guard . Additionally, a list of infrastructure obtained through retrohunting has been published to enhance community blocklists for improved threat detection and prevention .
The Kritec skimming campaign poses a significant threat to online shoppers, with its highly sophisticated techniques and extensive reach. It is crucial for individuals and businesses to remain vigilant and take proactive measures to protect against credit card skimming. By carefully reviewing smaller merchants, conducting regular website audits, and utilizing reliable security tools, such as Malwarebytes Premium and Malwarebytes Browser Guard , the risk of falling victim to this skimming campaign can be minimized. Furthermore, the publication of an infrastructure list obtained through retrohunting will aid in enhancing community blocklists , improving threat detection and prevention in the future.