Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign

Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration.
“This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect,” Jscrambler researchers Pedro