Hackers are on the lookout for new ways of causing mayhem

Recently, researchers have unearthed a new technique to be on guard against. A few hackers have begun embedding credit card stealing scripts inside favicon metadata.

If you're not familiar with the term, you definitely know what a favicon is.

It's a custom icon used by websites for branding, associated with a specific URL. Although not universal, they are ubiquitous on the web and most companies have them.

While the idea of embedding malicious scripts on websites to steal credit card information is not new, the notion of hiding those scripts in the EXIF files of a company's favicon to avoid detection is both new and innovative. The new technique was spotted by researchers at Malwarebytes. They discovered the script embedded as described above and designed to steal credit card data from sites making use of a popular WordPress e-commerce plugin called WooCommerce.

Your IT staff perform a careful check of your system

Of course, the script could be modified to attack any other e-commerce platform, so this isn't a threat that's unique to those making use of WooCommerce. If you do use that plugin, you should have your IT staff perform a careful check of your system to ensure that you haven't been compromised. The value of embedding the script here is that most scans don't include favicon metadata by default. Fortunately, that's easily fixed. So going forward, as long as you be sure to include it, then your risks should be minimal.

Our perspective

This is by no means the first time hackers have found an unusual point of insertion for the scripts they rely on to cause harm, and it certainly won't be the last. Just be sure that your IT staff is aware of the issue and stay vigilant.

~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there! " ~


By Denis Wilson and Melissa Stockwell

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available on LinkedIn, Facebook, and Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT SupportI am Denis Wilson, President and Principal Consultant for DWP Information Architects. We build people / process / technology solutions to create better business outcomes for smaller enterprises in Los Angeles. We have created cost-effective automation solutions, for over 20 years, focusing on reliability, cybersecurity, and regulatory compliance.

I am also a published author and speaker, working extensively with business and professional associations to provide small business technology education programs.

Contact me if you would like me to speak at your association