Shell Logins as a Magento Reinfection Vector
Cesar Anjos Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files: app/Mage.php;…
Browsing Category
Magento Security
99 posts
Hacked Website Trend Report – 2017
Rianna MacLeod We are proud to be releasing our latest Hacked Website Trend Report for 2017. This report is based on data collected and analyzed by the…
GitHub Hosts Infostealers Part 2: Cryptominers and Credit Card Stealers
Denis Sinegubko Update – March 28th, 2018: The fake Flash update files referenced in this post have been moved from GitHub to port.so[.]tl, and the bit.wo[.]tc script…
New Guide on How to Clean a Hacked Website
Juliana Lewis Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research…
Risks For E-commerce Site Owners Through the Holidays
Pilar Garcia Shopping season is here, and with that, so is the opportunity for ecommerce site owners to grow their revenue and reputation. However, hackers are also…
How to Avoid Malicious Cyber Monday Campaigns
Ahmad Azizan Idris As consumers prepare to take advantage of the discounts and promotions for the Black Friday and Cyber Monday ecommerce holidays, bad actors are crafting fraudulent…
Cryptominers on Hacked Sites – Part 2
Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised…
Credit Card Stealer Investigation Uncovers Malware Ring
Krasimir Konov During a recent investigation, I found a new piece of malicious code being used to steal credit card information from compromised Magento sites. What I…
Ecommerce Security: Fake Jquery Used as CC Scraper
Bruno Zanelato In the last few months, we noticed an increase in attacks targeting ecommerce platforms aiming to steal credit card information. We saw a similar rise…
When Online Shopping leads to Malware download
Recently, during an incident response process, we worked on an interesting Magento website. This site was reported to having a strange redirection when users visited…
Phishing Leveraging the Sucuri Brand
Rafael Capovilla We are always on guard for phishing emails and websites that might try to compromise our customers or employees, so that we can be on top of…