Ben Martin

99 posts

Ben Martin is a security analyst and researcher who joined the company in 2013. Ben's main responsibilities include finding new undetected malware, identifying trends in the website security world, and, of course, cleaning websites. His professional experience covers more than a decade of working with infected websites of every variety with a special focus on eCommerce / credit card theft malware. When Ben isn't slaying malware you might find him producing music, gardening, or skateboarding around Victoria.

Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 2

Ben Martin
June 30, 2021

In my previous post about ecommerce credit card swipers I described the general overview of the online ecommerce environment as well as some of the…

Read the Post

Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 1

Ben Martin
June 23, 2021

Many clients that we work with host and operate ecommerce websites which are frequent targets of attackers. The goal of these attacks is to steal…

Read the Post

Malicious Redirects Through Bogus Plugin

Ben Martin
June 17, 2021

Recently we have been seeing a rash of WordPress website compromises with attackers abusing the plugin upload functionality in the wp-admin dashboard to redirect visitors…

Read the Post

WooCommerce Credit Card Swiper Hides in Plain Sight

WooCommerce Credit Card Skimmer Hides in Plain Sight

Ben Martin
May 28, 2021

Recently, a client’s customers were receiving a warning from their anti-virus software when they navigated to the checkout page of the client’s ecommerce website. Antivirus…

Read the Post

Object Injection Vulnerability Affects WordPress Versions 3.7 to 5.7.1

Ben Martin
May 17, 2021

If you haven’t updated your WordPress website since October 2013, this wouldn’t affect you, but we strongly hope that is not the case! There’s a…

Read the Post

Server Side Scans and File Integrity Monitoring

What is File Integrity Monitoring (FIM)?

Ben Martin
May 13, 2021

What is file integrity monitoring? File Integrity Monitoring (FIM) is a security measure that checks and compares files against a known baseline to detect any…

Read the Post

WordPress Continues to Fall Victim to Carding Attacks

Ben Martin
April 14, 2021

Unsurprisingly, as WordPress continues to increase in popularity as an e-commerce platform, attackers continue to attempt to steal credit card information from unsuspecting clients. Currently, the WordPress plugin WooCommerce accounts for roughly a quarter of all…

Read the Post

Bogus CSS Injection Leads to Stolen Credit Card Details

Ben Martin
January 5, 2021

A client recently reported their customers were receiving antivirus warnings when trying to access and purchase products from a Magento ecommerce website. This is almost…

Read the Post

Reverse String WooCommerce WordPress Credit Card Swiper

Ben Martin
July 27, 2020

As 2020 continues to be the worst year in almost anybody’s lifetime, allow me to take this opportunity to stoke the fires of your existential…

Read the Post

Analysis of a WordPress Credit Card Swiper

Ben Martin
April 9, 2020

While working on a recent case, I found something on a WordPress website that is not as common as on Magento environments: A credit card…

Read the Post

Neapolitan Backdoor Injection

Ben Martin
August 1, 2019

Most of us are familiar with Neapolitan ice cream: a flavour whose distinguishing characteristic is not one single flavour but several. Many also know it…

Read the Post