"The initial victims that we identified were mainly job search websites. Additionally, the group focuses on selling data stolen from recruiting agencies," Nikita Rostovcev, a senior analyst from the cyber security firm, told The Reg.
"The presence of this code on these pages does not necessarily imply that it was executed on every device. However, it does indicate the persistence of the attackers and their attempts to inject their XSS scripts into all possible input fields on the targeted websites. Group-IB has also found evidence that the XSS script was executed on some of the visitors' devices," noted Group-IB's infosec analysts.
[
add
]
[
|
|
...
]