CDN-Filestore Credit Card Stealer for Magento
Krasimir Konov During a website remediation, we recently discovered a new version of a Magento credit card stealer which sends all compromised data to the malicious domain…
Browsing Category
Magento Security
98 posts
Skimmers in Images & GitHub Repos
Denis Sinegubko MalwareBytes recently shared some information about web skimmers that store malicious code inside real .ico files. During a routine investigation, we detected a similar issue.…
Malicious Magento User Creator
We recently found a simple malicious script leveraging Magento’s internal functions to create a new admin user with the admin role “Inchoo” — probably referring…
Pirated WordPress Plugins Bundled with Backdoors
Luke Leal One widespread belief among webmasters is that attackers typically only compromise websites in a couple of ways: by exploiting vulnerabilities or stealing login credentials. Although…
Evasion Tactics in Hybrid Credit Card Skimmers
The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to…
Vulnerabilities Digest: April 2020
John Castro Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs Widget Settings Importer/Exporter Stored XSS Closed 40000 Accordion Stored/Reflected XSS 2.2.9 30000 Support Ticket System By…
Web Skimmer With a Domain Name Generator – Follow Up
This note is a follow up to our recent post about a web skimmer that uses a dynamic domain name generating algorithm. This week, analyst…
Magento JavaScript Skimmer Targets Tarjetas de Crédito
A website owner recently contacted us regarding a payment problem on their Magento website. A suspicious payment card form was loading for customers who were…
Web Skimmer with a Domain Name Generator
Our security analyst Moe Obaid recently found yet another variation of a web skimmer script injected into a Magento database. The malicious script loads the…
Magento Login Stealer in Fake bg_white.png Image
Our Remediation team analyst Ben Martin recently found a malicious injection in a compromised Magento 1.9.x installation that was stealing Magento user login credentials. The…
Magento Credit Card Stealer: harilov[.]com
Our Remediation team lead Ben Martin recently discovered a single line obfuscated PHP injection in the main index.php file of a Magento 1.9.x website. It…