A recent report from Kaspersky Lab outlines how hackers are using Google Analytics to steal credit cards, passwords, IP addresses, and more from unknowing users.
SearchEngineJournal reports that a recent report from Kaspersky Lab has revealed new techniques being employed by hackers that use Google Analytics to steal users’ credit card numbers, user agents, passwords, IP addresses, and more. The trick being used by the hackers isn’t even the result of a bug in Google Analytics itself.
Hackers are exploiting the trusted status that Google Analytics is given by all browsers in order to steal information from hacked websites. The hackers use the websites to transfer data trusted by Google Analytics directly to them. Kaspersky Labs states in its report:
We identified several cases where this service was misused: attackers injected malicious code into sites, which collected all the data entered by users, and then sent it via Analytics. As a result, the attackers could access the stolen data in their Google Analytics account.
Kaspersky noted that the exploit captures everything that is shared with the affected website including financial info and even passwords. Kaspersky’s report states:
The script collects everything anyone inputs on the site (as well as information about the user who entered the data: IP address, User Agent, time zone).
The collected data is encrypted and sent using the Google Analytics Measurement Protocol.
Once a site has been compromised, attackers upload code that collects the information that users share with the site and transfers it directly to them, while the user’s web browser believes that it is sending this information to Google Analytics.
Google Analytics is free software used by publishers to measure the traffic from other sites to their own sites and is commonly used to track advertising related traffic in order to monitor how a campaign is generating income.
Read the full report from Kaspersky Labs here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address lucasnolan@protonmail.com
COMMENTS
Please let us know if you're having issues with commenting.