Just yesterday it was reported that hackers have been manipulating Google search results to spread 2 of the nastiest Mac malware. Now, something similar is going on but this time, hackers are using Google Analytics.
Every website is at risk of various attack vectors that can help attackers gain access to highly sensitive information. To guard against this, vigilant web administrators employ something called a Content Security Policy (CSP) in which they specify a list of domains that the browser should only trust and execute any scripts from.
See: Google tracks browsing activity in Chrome’s Incognito mode
Thus if an attacker’s domain name is not found in such a list, an attack such as Cross-Site Scripting (XSS) will fail. However, what happens if an attacker somehow exploits a whitelisted domain to execute malicious scripts.
This is exactly what has been discovered recently in reports from several research firms including Kaspersky, Sansec, and PerimeterX where about two dozen online stores have been found to be infected globally.
To start with, as most eCommerce websites mark Google Analytics domains as being safe, attackers have been taking undue advantage of this by
Support the originator by clicking the read the rest link below.
