Casio and 16 Other Websites Hit by Double-Entry Web Skimming Attack

A recent web skimming campaign targeted at least 17 websites, including Casio’s UK site, exploited vulnerabilities in Magento or similar platforms. The attack used a double-entry skimming technique, intercepting checkout button clicks and presenting users with a fake payment form to steal sensitive information. Researchers uncovered the infection, decrypted stolen data, and highlighted the importance of effective Content Security Policy (CSP) configurations to prevent such attacks.