WooCommerce Credit Card Skimmer Hides in Plain Sight
Ben Martin Recently, a client’s customers were receiving a warning from their anti-virus software when they navigated to the checkout page of the client’s ecommerce website. Antivirus…
Browsing Category
Ecommerce Security
151 posts
Magento 2 PHP Credit Card Skimmer Saves to JPG
Luke Leal Bad actors often leverage creative techniques to conceal malicious behaviour and harvest sensitive information from ecommerce websites. A recent investigation for a compromised Magento 2…
Magento PHP Injection Loads JavaScript Skimmer
A Magento website owner was concerned about malware and reached out to our team for assistance. Upon investigation, we found the website contained a PHP…
Real-Time Phishing Kit Targets Brazilian Central Bank
We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page…
Fake WordPress Functions Conceal assert() Backdoor
Douglas Santos A few weeks ago, I was manually inspecting some files on a compromised website. While checking on a specific WooCommerce file, I noticed something interesting.…
PrestaShop SuperAdmin Injector and Login Stealer
According to W3Tech’s data, PrestaShop is among the most popular CMS choices for existing ecommerce websites, so it should come as no surprise that malware…
Another Credit Card Stealer That Pretends to Be Sucuri
Denis Sinegubko During a routine investigation, we found yet another web skimmer that pretends to be related to Sucuri. One of our Remediation Analysts, Liam Smith, found…
Securing Your Online Store for the Holidays
Victor Santoyo Shopping season is here, and so is the opportunity for ecommerce site owners to grow their business and generate revenue. In lieu of the changing…
Magento Phishing Leverages JavaScript For Exfiltration
During a recent investigation, a Magento admin login phishing page was found on a compromised website using the file name wp-order.php. This is an odd…
Magento Credit Card Stealing Malware: gstaticapi
Krasimir Konov Our team recently came across a malicious script used on a Magento website titled gstaticapi, which targeted checkout processes to capture and exfiltrate stolen information.…
CDN-Filestore Credit Card Stealer for Magento
During a website remediation, we recently discovered a new version of a Magento credit card stealer which sends all compromised data to the malicious domain…