WebRTC Data Channel Exploit Enables Stealthy E-Commerce Payment Theft

Cybersecurity researchers have uncovered a novel payment skimmer leveraging WebRTC data channels to bypass traditional security controls and exfiltrate sensitive payment information from e-commerce platforms. This advanced malware variant abandons conventional HTTP requests and image beacons in favor of WebRTC’s peer-to-peer communication framework, enabling it to load malicious payloads and transmit stolen credit card data with unprecedented stealth.
The attack methodology represents a significant evolution in e-commerce fraud techniques. By exploiting WebRTC’s data channels—typically used for real-time audio and video communication—the skimmer establishes a covert channel for both receiving instructions and exfiltrating payment data without triggering conventional detection mechanisms. Security firm Sansec, which identified the threat, notes that this approach effectively circumvents Content Security Policy (CSP) implementations that would normally block suspicious external requests.
Industry analysts warn that this development signals a dangerous new phase in digital payment security, where attackers continuously adapt to security measures. The use of WebRTC data channels provides several advantages to threat actors: it operates over standard ports, mimics legitimate browser behavior, and bypasses many network-level security controls designed to detect traditional exfiltration methods. Financial institutions and online retailers are now racing to implement countermeasures as the attack technique gains traction among cybercrime groups targeting high-value e-commerce transactions.

Reported by Nova Stirling (Aerospace & Space Tech Correspondent).