Autoloaded Server-Side Swiper
Denis Sinegubko Front-end JavaScript-based credit card stealing malware has garnered a lot of attention within the security community. This makes sense, since the “swipers” can be easily…
Browsing Category
Magento Security
98 posts
Fake Google Domains Used in Evasive Magento Skimmer
Luke Leal We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings. Our investigation revealed that…
Magento Killer
A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites. While it doesn’t actually kill the…
CC Stealing Code Pretending to be Bing Ads
Krasimir Konov During a recent investigation we found this suspicious code pretending to be associated with Bing ads.After further review, we see that the code is actually…
Images Loading Credit Card Swipers
We’ve come across an interesting approach to injecting credit card swipers into Magento web pages. Instead of injecting a real script, attackers insert a seemingly…
Google Analytics and Angular in Magento Credit Card Stealing Scripts
Over the last few months, we’ve noticed several credit card-stealing scripts that use variations of the Google Analytics name to make them look less suspicious…
Localization and Customization of Credit Card Stealing Malware
Credit card stealing malware is becoming more and more customized. We’ve been regularly seeing injected scripts with URLs that either mimic or include a portion…
E-Commerce Security – Planning for Disasters
Victor Santoyo This is the last post in our series on E-commerce Security: Intro to Securing an Online Store – Part 1 Intro to Securing an Online…
Magento Credit Card Stealer Reinfector
Cesar Anjos In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal…
Magento CC Stealer Reinfector
We have seen many times in the past few months how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins,…
Shell Logins as a Magento Reinfection Vector
Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files: app/Mage.php;…