Matt Morrow

10 posts

Matt is a Cyber Security analyst who joined Sucuri in 2018. Matt has a long history of working with Linux and Windows servers in a wide context. At Sucuri, Matt's main responsibilities include identifying and removing malware from websites as well as researching emerging malware trends. When Matt isn't focusing his attention there, you will usually find him working on a new piece of music or out in his garden.

Malware Steals Account Credentials

Matt Morrow
November 8, 2024

It’s common for malware to target e-commerce sites, and these attackers are usually seeking to steal credit card details. In most cases, they will insert…

Read the Post

Rogue Ads Redirect Visitors

Matt Morrow
October 31, 2024

Ads are everywhere. They generate revenue for site owners and can present related content to the website being visited. As detailed in previous articles, bad…

Read the Post

Attackers Abuse Swap File to Steal Credit Cards

Matt Morrow
July 19, 2024

When it comes to website security, sometimes the most innocuous features can become powerful tools in the hands of attackers. Such was the case in…

Read the Post

Credit Card Stealer Hidden in Fake Facebook Pixel Tracker

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

Matt Morrow
April 11, 2024

In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code —…

Read the Post

How to Recognize & Avoid Phishing Emails: A Cautionary Tale

Matt Morrow
July 20, 2023

We’ve all received spam and phishing emails — our inboxes are often full of them. They let us know that our package is being delivered…

Read the Post

X-Cart Skimmer with DOM Based Obfuscation

PrestaShop Skimmer Concealed in One Page Checkout Module

Matt Morrow
July 19, 2022

PrestaShop is a popular freemium open source e-commerce platform used by hundreds of thousands of webmasters to sell products and services to website visitors. While…

Read the Post

It Takes 2 Seconds of Silence to Skim a Credit Card

Matt Morrow
June 7, 2022

E-commerce websites are valuable targets for attackers. Bad actors often leverage creative techniques to conceal their credit card stealers and gather sensitive credit card information…

Read the Post

WooCommerce Credit Card Stealer Concealed in Fake JPG

WooCommerce Credit Card Skimmers Concealed In Fake Images

Matt Morrow
May 3, 2022

Our research and remediation teams have noticed an increase in WooCommerce credit card skimmers on client sites over the past few years, as detailed in…

Read the Post

PHP Re-Infectors: How To Stop PHP Malware That Keeps Coming Back

Matt Morrow
December 8, 2021

We all know why bad actors infect sites: monetary gain, boosts in SEO ratings for their malware or spam campaigns and a number of other…

Read the Post

Magento 2 PHP Skimmer Saves To Image File

7 Ways to Secure Magento 1

Matt Morrow
August 24, 2021

While unpatched installations of Magento 2 contain many vulnerabilities, I’m going to focus my attention on Magento 1 for this article. This is because Magento…

Read the Post