Last month we alerted the community about New Parrot TDS infections being observed across our dataset. With our latest global assessment, the number of ParrotTDS detections in our dataset is 23,477 - this figure is changing daily.
Interestingly many sites have multiple instances of the same malware, with one site having 21 different instances of it infecting various files in the website.
While this attack has typically been used for phishing and malvertising, it would be very simple for it to extend to deploying skimmer malware to harvest payment data and PII.
A quick check of a website using ThreatView will validate whether the site has been caught up in this global infection or not.
Here are the details of the global infection, with IOC data if you wish to check your site without using our free ThreatView platform: Parrot TDS Loader