url

https://api.348672-shakepay.com/api/card

discovered 2026-07-09

PAN/CVV/card-data exfiltration endpoint (Braintree.CardOperationLogger). Stored as a PLAINTEXT string constant in Braintree.dll (no obfuscation). POST manually-concatenated JSON with header X-Api-Key: 2523-5235-8564-2683-2386, in an empty catch.

Linked packages

Read the full analysis →