← All Threat Actors
Threat Actor Profile

ScreamedJungle

No known aliases in database
▲ High Threat
ScreamedJungle is a threat actor that exploits vulnerabilities in outdated Magento e-commerce platforms to inject malicious JavaScript code, specifically Bablosoft JS, into compromised websites. This actor has harvested millions of browser fingerprints by leveraging vulnerabilities such as CVE-2024-34102 and CVE-2024-20720. ScreamedJungle utilizes PerfectCanvas technology to ensure pixel-perfect replication of legitimate user fingerprints. Group-IB analysts estimate that over 115 e-commerce sites have been impacted by this fingerprint theft campaign.
Origin

External Resources

CISA Advisories ↗

Related Intelligence

Hacking the mainframe…

LINK COPIED TO CLIPBOARD