In what’s one of the most innovative hacking campaigns, cybercrime gangs are now hiding malicious code implants in the metadata of image files to covertly steal payment card information entered by visitors on the hacked websites.
“We found skimming code hidden within the metadata of an image file (a form of steganography) and surreptitiously loaded by compromised online stores,” Malwarebytes