Crime without punishment: in-depth analysis of JS-sniffers
JS-sniffers pose a growing threat by attacking online stores and stealing payment data and credentials of their users. Group-IB experts have researched this type of malware and have discovered at least 38 families of JS-sniffers, whereas only 12 were known previously.
Request report Try Threat Intelligence & Attribution
Key facts
Group-IB experts have discovered 38 different JS-sniffer families, whereas only 12 were known previously
The total daily number of visitors of all the infected sites exceeds 1.5 million people
By selling compromised payment data cybercriminals can earn from $1 to $5 per card
JS-sniffers can be bought or rented on underground forums, with their price ranging from $250 to $5,000
This class of malware seemed to be a rather primitive threat to large players like banks and payment systems, since JS-sniffers were believed to target small online stores. Now, however, it is time to question that belief. When a site is infected, everyone is involved in the chain of victims — end users, payment systems, banks that issued compromised cards, and companies that sell their goods and services online.
The urgency of the problem is linked to its potentially huge audience (today, almost all of us use online stores). Group-IB Threat Intelligence & Attribution specialists continuously monitor the appearance of new JS-sniffers and appeal to the cybersecurity community to take a closer look at this growing threat.
Viktor Okorokov
Threat Intelligence & Attribution analyst
Group-IB research on targeted attack groups

Hi-Tech Crime Trends 2020/2021

UltraRank: the unexpected twist of a JS-sniffer triple threat

RedCurl: The pentest
you didn’t know about

Online Piracy Research:
Jolly Roger’s patrons
of online pirates in developing countries.

Fxmsp: “The invisible god of networks”

Hi-Tech Crime Trends 2019/20

Attacks by Silence

Hi-Tech Crime Trends 2018

2018 Cryptocurrency Exchanges

Cobalt: their evolution and joint operations

Hi-Tech Crime Trends 2017

Lazarus Arisen: Architecture, Techniques and Attribution

Hi-Tech Crime Trends 2016

MoneyTaker

Buhtrap

Analysis of attacks against trading and bank card system

Anunak: APT against financial institutions

Hi-Tech Crime Trends 2020/2021

UltraRank: the unexpected twist of a JS-sniffer triple threat

RedCurl: The pentest
you didn’t know about

Online Piracy Research:
Jolly Roger’s patrons
of online pirates in developing countries.

Fxmsp: “The invisible god of networks”

Hi-Tech Crime Trends 2019/20

Attacks by Silence

Hi-Tech Crime Trends 2018

2018 Cryptocurrency Exchanges

Cobalt: their evolution and joint operations

Hi-Tech Crime Trends 2017

Lazarus Arisen: Architecture, Techniques and Attribution

Hi-Tech Crime Trends 2016

MoneyTaker

Buhtrap

Analysis of attacks against trading and bank card system

Anunak: APT against financial institutions
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.
Advanced protection against cyber threats
Group-IB’s security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response.
Intelligence
Аctionable, finished intelligence to track actors and prevent attacks before they happen
Comprehensive solution to protect corporate network, hunt for threats and respond to even the most complex cyber attacks
Client-side fraud and attack prevention system for online banking, working across sessions, platforms and devices
Protection from bots, fraud and data leakage for e‑commerce and web portals