Smilodon Credit Card Skimming Malware Shifts to WordPress
Ben Martin WordPress’ massive market share has come with an unsurprising side effect: As more and more site admins turn to popular plugins like WooCommerce to turn…
It Takes 2 Seconds of Silence to Skim a Credit Card
Matt Morrow E-commerce websites are valuable targets for attackers. Bad actors often leverage creative techniques to conceal their credit card stealers and gather sensitive credit card information…
Analysis of the Massive NDSW / NDSX Malware Campaign
Denis Sinegubko Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive…
WordPress Vulnerabilities & Patch Round-up — May 2022
Antony Garand Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Top Ten Most Cumbersome Website Infections to Remove in 2021
In today’s post we’re going to be going over the top ten most cumbersome website infections to remove, based on the sheer number of files…
Credit Card Stealer Targets PsiGate Payment Gateway Software
Luke Leal Magento’s payment provider gateway offers functionalities for site owners to integrate stores with payment service providers. This handy feature lets a website create and handle…
Analyzing a WooCommerce Credit Card Skimmer
Liam Smith The number of credit card skimmers targeting WooCommerce websites has skyrocketed over the past year, and threat actors have become increasingly creative in the different…
X-Cart Skimmer with DOM-based Obfuscation
Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located…
Massive WordPress JavaScript Injection Campaign Redirects to Ads
Krasimir Konov Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam…
Examining Emerging Malware: Website Backdoors
Next up in our “This didn’t quite make it into the 2021 Threat Report, but is still really cool” series: New and emerging backdoor variants…
Manually Identifying an X-Cart Credit Card Skimmer
During a recent investigation, a new client came to us reporting that their antivirus had detected a suspicious domain loading on their website’s checkout page.…