Website Security News
Magento’s payment provider gateway offers functionalities for site owners to integrate stores with payment service providers. This handy feature lets a website create and handle transactions based on order details and allows for out-of-the-box integrations with payment service providers like PayPal and Braintree. Since these…
Read More about Credit Card Stealer Targets PsiGate Payment Gateway Software
The number of credit card skimmers targeting WooCommerce websites has skyrocketed over the past year, and threat actors have become increasingly creative in the different ways they obfuscate their payloads…
Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located server-side, the other client-side. X-Cart’s…
Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam pages, or commercial websites with…
Read More about Massive WordPress JavaScript Injection Campaign Redirects to Ads
Nowadays, the term DDoS probably raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they do know the effect: an extremely sluggish…
Read More about What Happens During a DDoS Attack and How to Know if You Are Under an Attack
During a recent investigation, a new client came to us reporting that their antivirus had detected a suspicious domain loading on their website’s checkout page. We regularly receive reports like…
Read More about Manually Identifying an X-Cart Credit Card Skimmer
Our research and remediation teams have noticed an increase in WooCommerce credit card skimmers on client sites over the past few years, as detailed in past blog posts. Due to…
Read More about WooCommerce Credit Card Skimmers Concealed In Fake Images
MageCart is the name given to the roughly one dozen groups of cyber criminals targeting e-commerce websites with the goal of stealing credit card numbers and selling them on the…
Read More about Magecart Swiper Uses Unorthodox Concatenation
In my previous post about ecommerce credit card swipers I described the general overview of the online ecommerce environment as well as some of the reasons behind why websites become…
Read More about Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 2
Many clients that we work with host and operate ecommerce websites which are frequent targets of attackers. The goal of these attacks is to steal credit card details from unsuspecting…
Read More about Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 1
Recently, a client’s customers were receiving a warning from their anti-virus software when they navigated to the checkout page of the client’s ecommerce website. Antivirus software such as Kaspersky and…
Read More about WooCommerce Credit Card Skimmer Hides in Plain Sight
