Examining Unique Magento Backdoors
Liam Smith During a recent investigation into a compromised Magento ecommerce environment, we discovered the presence of five different backdoors that would provide attackers with code execution…
Browsing Category
Magento Security
99 posts
Stylish Magento Card Stealer loads Without Script Tags
Ben Martin Recently one of our analysts, Weston H., found a very interesting credit card stealer in a Magento environment which loads a malicious JavaScript without using…
Magecart Swiper Uses Unorthodox Concatenation
MageCart is the name given to the roughly one dozen groups of cyber criminals targeting e-commerce websites with the goal of stealing credit card numbers…
Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 2
In my previous post about ecommerce credit card swipers I described the general overview of the online ecommerce environment as well as some of the…
What is File Integrity Monitoring (FIM)?
What is file integrity monitoring? File Integrity Monitoring (FIM) is a security measure that checks and compares files against a known baseline to detect any…
Magento 2 PHP Credit Card Skimmer Saves to JPG
Luke Leal Bad actors often leverage creative techniques to conceal malicious behaviour and harvest sensitive information from ecommerce websites. A recent investigation for a compromised Magento 2…
Bogus CSS Injection Leads to Stolen Credit Card Details
A client recently reported their customers were receiving antivirus warnings when trying to access and purchase products from a Magento ecommerce website. This is almost…
Another Credit Card Stealer That Pretends to Be Sucuri
Denis Sinegubko During a routine investigation, we found yet another web skimmer that pretends to be related to Sucuri. One of our Remediation Analysts, Liam Smith, found…
Securing Your Online Store for the Holidays
Victor Santoyo Shopping season is here, and so is the opportunity for ecommerce site owners to grow their business and generate revenue. In lieu of the changing…
Magento Phishing Leverages JavaScript For Exfiltration
During a recent investigation, a Magento admin login phishing page was found on a compromised website using the file name wp-order.php. This is an odd…
Backdoor Shell Dropper Deploys CMS-Specific Malware
Krasimir Konov A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and…