Website Security News
Keep up to date on the latest Magento infections and mitigation steps to keep your Magento shop secure. Browse our latest posts about Magento security, including the latest vulnerability disclosures, credit card swipers, and PCI compliance.
Shopping season is here, and so is the opportunity for ecommerce site owners to grow their business and generate revenue. In lieu of the changing global ecommerce climate that this pandemic has produced, comes the importance of securing your website to protect your users —…
During a recent investigation, a Magento admin login phishing page was found on a compromised website using the file name wp-order.php. This is an odd file name choice for a…
Read More about Magento Phishing Leverages JavaScript For Exfiltration
A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and execute whatever commands they want….
Read More about Backdoor Shell Dropper Deploys CMS-Specific Malware
Our team recently came across a malicious script used on a Magento website titled gstaticapi, which targeted checkout processes to capture and exfiltrate stolen information. To obtain sensitive details, the…
Read More about Magento Credit Card Stealing Malware: gstaticapi
During a website remediation, we recently discovered a new version of a Magento credit card stealer which sends all compromised data to the malicious domain cdn-filestore[dot]com. My colleague Luke Leal…
Read More about CDN-Filestore Credit Card Stealer for Magento
MalwareBytes recently shared some information about web skimmers that store malicious code inside real .ico files. During a routine investigation, we detected a similar issue. Instead of targeting .ico files,…
We recently found a simple malicious script leveraging Magento’s internal functions to create a new admin user with the admin role “Inchoo” — probably referring to a Croatian Magento consulting…
One widespread belief among webmasters is that attackers typically only compromise websites in a couple of ways: by exploiting vulnerabilities or stealing login credentials. Although these are certainly two of…
Read More about Pirated WordPress Plugins Bundled with Backdoors
The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to a third-party server controlled by…
Read More about Evasion Tactics in Hybrid Credit Card Skimmers
Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs Widget Settings Importer/Exporter Stored XSS Closed 40000 Accordion Stored/Reflected XSS 2.2.9 30000 Support Ticket System By Phoeniixx Reflected XSS Closed 2000…
This note is a follow up to our recent post about a web skimmer that uses a dynamic domain name generating algorithm. This week, analyst Ben Martin found another variation…
Read More about Web Skimmer With a Domain Name Generator – Follow Up
