Tag: magento

5 Attack Reports | 0 Vulnerabilities

Attack reports

Magento Credit Card Stealer Disguised in an <img> Tag

A sophisticated credit card stealing malware, disguised within an <img> tag, was discovered on a Magento-based eCommerce website. The malware uses Base64 encoding to hide its malicious JavaScript code, making it difficult to detect. It activates on the checkout page, waiting for user interaction be…
magento
credit card theft
magecart
ecommerce
javascript injection
2025-02-13
base64 encoding
<img> tag
web security
Published: February 13, 2025
Downloadable IOCs: 0

Credit Card Skimmer Malware Targeting Magento Checkout Pages

A sophisticated credit card skimmer malware has been discovered targeting Magento-powered eCommerce websites, specifically their checkout processes. The malware dynamically creates a fake credit card form or extracts payment fields, activating only on checkout pages. It uses advanced obfuscation te…
obfuscation
encryption
data exfiltration
credit card skimmer
magento
2024-11-27
ecommerce
javascript injection
checkout pages
Published: November 27, 2024
Downloadable IOCs: 0

Malware Steals Account Credentials

A malicious script targeting e-commerce sites, particularly Magento, has been discovered. The script, found in the dataPost.js file, is heavily obfuscated and designed to steal customer account credentials and admin login details. It waits for login actions to trigger, then scrapes data entered int…
obfuscation
credential theft
magento
e-commerce
2024-11-09
account hijacking
admin access
Published: November 9, 2024
Downloadable IOCs: 0

2024 Credit Card Theft Season Arrives

As the holiday shopping season approaches, eCommerce website owners need to be vigilant against credit card stealing malware, known as 'MageCart'. Attackers focus their efforts in the last quarter to maximize profits from stolen card details. Analysis of recent malware samples reveals sophisticated…
wordpress
magento
credit card theft
2024-11-07
magecart
websocket skimmer
jquery hex skimmer
holiday shopping season
r.blob skimmer
ecommerce security
Published: November 7, 2024
Downloadable IOCs: 0

Hundreds of online stores hacked in new campaign

A cybersecurity report details a malware campaign targeting numerous e-commerce websites running the popular Magento platform. Threat actors exploited a vulnerability to inject malicious code that skims payment data from online shoppers during checkout. The skimmer code is loaded from attacker-cont…
injection
fraud
2024-08-23
magento
skimming
payment
e-commerce
Published: August 23, 2024
Downloadable IOCs: 15
Click here to see more Attack Reports