Intel Name: Rolandskimmer: silent credit card thief uncovered
Date of Scan: April 3, 2025
Impact: High
Summary: Web-based credit card skimming remains a persistent and evolving threat. Labs uncovered a campaign called “RolandSkimmer,” targeting users in Bulgaria via malicious browser extensions on Chrome, Edge, and Firefox. The attack begins with a deceptive LNK file that executes obfuscated scripts for persistence. Once active, the malware silently harvests and exfiltrates sensitive financial data.
