Cybercriminals Exploit Legacy Stripe API to Validate Stolen Card Data in Sophisticated Skimming Campaign

Researchers uncovered a web skimming operation targeting 49 e-commerce merchants by exploiting Stripe's deprecated API to validate stolen payment cards. The sophisticated attack injects malicious code mimicking legitimate checkout pages while leveraging cryptocurrency options and automated customization tools.