Maurizio Fonte - IT Consultant - Software Engineer and Freelance Cyber Security Specialist

Cartwright - an LLM-generated "man-in-the-cart" payment-hijack kit

I was called in to investigate a checkout that had quietly stopped converting on a legacy Italian e-commerce site. It was not a card skimmer but a "man-in-the-cart" kit: it hides the shop's real payment options and drops in a fake SEPA gateway, with a live-chat operator to talk the buyer through paying the attacker. The unsettling part is who wrote it: the kit's own runtime says an LLM generates a bespoke loader per victim. Full teardown, indicators, and what it means for any shop on an old codebase.