Browsing Category
Ecommerce Security
144 posts
Attackers Abuse Swap File to Steal Credit Cards
When it comes to website security, sometimes the most innocuous features can become powerful tools in the hands of attackers. Such was the case in…
Decoding the Caesar Cipher Skimmer
Over the last several weeks we’ve observed an interesting new variation of “gtag” credit card skimming attack with a surprisingly high number of detections so…
Server Side Credit Card Skimmer Lodged in Obscure Plugin
Attackers are always finding new ways to inject malware into websites and new ways to obscure it to avoid detection, but they’re always up to…
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker
In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code —…
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS
We often write about malware that steals payment information from sites built with Magento and other types of e-commerce CMS. However, WordPress has become a…
MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer
One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus…
40 New Domains of Magecart Veteran ATMZOW Found in Google Tag Manager
Hackers like Google Tag Manager: millions of sites use it, and they can inject custom scripts and HTML code via a script from the highly…
Skimming Credit Cards with WebSockets
If you were to believe shopping mall merchants, you’d think the holiday season starts immediately after Halloween. Christmas trees and candy canes abound, along with…
Black Friday & Cyber Monday Ecommerce Security Threats
Consumers spent a whopping $35.3 billion during last year’s cyber week shopping season. With Cyber Monday accounting for $11.3 billion in revenue alone, this period remains…
Tampered OpenCart Authentication Aids Credit Card Skimming Attack
Using out of date software is the leading cause of website compromise, so keeping your environment patched and up to date is one of the…
Decoding Magecart: Credit Card Skimmers Concealed Through Pixels & Images
MageCart infections most often come in the form of complex, obfuscated JavaScript injected into Magento database tables such as core_config_data, or as malicious plugins or…