Credit Card Skimmer and Backdoor on WordPress E-commerce Site
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A sophisticated malware attack targeting WordPress WooCommerce sites was discovered, involving multiple components: a credit card skimmer, a hidden backdoor file manager, and a reconnaissance script. The attack focused on financial gain and long-term control. The skimmer, injected into the checkout page, collected payment and billing information, sending it to a malicious server. A PHP backdoor allowed remote system command execution, while a reconnaissance script gathered server information. The attack demonstrates the evolving complexity of e-commerce platform threats, emphasizing the need for strict security measures, regular scans, proper access controls, and timely updates to prevent such exploits.
OPENCTI LABELS :
backdoor,obfuscation,javascript,wordpress,reconnaissance,credit card skimmer,php,e-commerce,woocommerce
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Credit Card Skimmer and Backdoor on WordPress E-commerce Site