Website Security News
This note is a follow up to our recent post about a web skimmer that uses a dynamic domain name generating algorithm. This week, analyst Ben Martin found another variation of the same malware. The script looks very similar. The changes here are pretty minor:…
Read More about Web Skimmer With a Domain Name Generator – Follow Up
A website owner recently contacted us regarding a payment problem on their Magento website. A suspicious payment card form was loading for customers who were trying to pay for items…
Read More about Magento JavaScript Skimmer Targets Tarjetas de Crédito
Our analyst Moe O recently discovered an interesting Javascript injection that was stealing submitted payment data from visitors on a WordPress website with a Woocommerce storefront. The Javascript was found…
We recently came across a simple Magento credit card skimmer found on a compromised website that was loading from the malicious domain magecart[.]net. The malicious domain was first registered on…
Read More about Magento Skimmer Found Loading from magecart[.]net
Recently, we shared a post about a network of domains used in a JavaScript credit card stealing malware campaign. These domains are all hosted on the same server with the…
Our security analyst Christopher Morrow recently discovered a server-side Magento skimmer that was injected into the savePayment function in the app/code/core/Mage/Checkout/Model/Type/Onepage.php file. This code emails payment details to “reachead@yandex[.]com“, then…
