Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now

Browsing Category

Magento Security

99 posts
Magento 2 PHP Skimmer Saves To Image File
  • Ecommerce Security
  • Magento Security
  • Sucuri Labs
  • Website Security

Magento Credit Card Stealing Malware: gstaticapi

  • Krasimir Konov
  • September 25, 2020
Our team recently came across a malicious script used on a Magento website titled gstaticapi, which targeted checkout processes to capture and exfiltrate stolen information.…
Read the Post
Anatomy of a credit card stealer
  • Ecommerce Security
  • Magento Security
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

CDN-Filestore Credit Card Stealer for Magento

  • Krasimir Konov
  • August 18, 2020
During a website remediation, we recently discovered a new version of a Magento credit card stealer which sends all compromised data to the malicious domain…
Read the Post
Skimmers Magento GitHub
  • Magento Security
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

Skimmers in Images & GitHub Repos

  • Denis Sinegubko
  • July 22, 2020
MalwareBytes recently shared some information about web skimmers that store malicious code inside real .ico files. During a routine investigation, we detected a similar issue.…
Read the Post
Malicious Magento User Creator
  • Magento Security
  • Sucuri Labs
  • Website Security

Malicious Magento User Creator

  • Krasimir Konov
  • July 21, 2020
We recently found a simple malicious script leveraging Magento’s internal functions to create a new admin user with the admin role “Inchoo” ⁠— probably referring…
Read the Post
Pirated WordPress & Magento Plugins
  • Ecommerce Security
  • Magento Security
  • Website Malware Infections
  • Website Security
  • WordPress Security

Pirated WordPress Plugins Bundled with Backdoors

  • Luke Leal
  • July 8, 2020
One widespread belief among webmasters is that attackers typically only compromise websites in a couple of ways: by exploiting vulnerabilities or stealing login credentials. Although…
Read the Post
Hybrid Skimmers
  • Ecommerce Security
  • Magento Security
  • Website Malware Infections
  • Website Security

Evasion Tactics in Hybrid Credit Card Skimmers

  • Denis Sinegubko
  • June 5, 2020
The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to…
Read the Post
Labs Note
  • Ecommerce Security
  • Magento Security
  • Sucuri Labs
  • Vulnerability Disclosure
  • Website Malware Infections
  • Website Security

Vulnerabilities Digest: April 2020

  • John Castro
  • May 1, 2020
Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs Widget Settings Importer/Exporter Stored XSS Closed 40000 Accordion Stored/Reflected XSS 2.2.9 30000 Support Ticket System By…
Read the Post
Labs Note
  • Ecommerce Security
  • Magento Security
  • Sucuri Labs

Web Skimmer With a Domain Name Generator – Follow Up

  • Denis Sinegubko
  • April 23, 2020
This note is a follow up to our recent post about a web skimmer that uses a dynamic domain name generating algorithm. This week, analyst…
Read the Post
Labs Note
  • Magento Security
  • Sucuri Labs
  • Website Malware Infections

Magento JavaScript Skimmer Targets Tarjetas de Crédito

  • Luke Leal
  • April 17, 2020
A website owner recently contacted us regarding a payment problem on their Magento website. A suspicious payment card form was loading for customers who were…
Read the Post
Anatomy of a credit card stealer
  • Magento Security
  • Website Malware Infections
  • Website Security

Web Skimmer with a Domain Name Generator

  • Denis Sinegubko
  • April 17, 2020
Our security analyst Moe Obaid recently found yet another variation of a web skimmer script injected into a Magento database. The malicious script loads the…
Read the Post
Labs Note
  • Magento Security
  • Sucuri Labs
  • Website Malware Infections

Magento Login Stealer in Fake bg_white.png Image

  • Luke Leal
  • February 24, 2020
Our Remediation team analyst Ben Martin recently found a malicious injection in a compromised Magento 1.9.x installation that was stealing Magento user login credentials. The…
Read the Post
Search
What is SQL injection and how to prevent attacks sidebar
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'