Credit Card Skimmer Malware Targeting Magento Checkout Pages
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
A sophisticated credit card skimmer has been discovered targeting Magento-powered eCommerce websites, specifically their checkout processes. The malware dynamically creates a fake credit card form or extracts the payment fields, and it activates only on checkout pages. It uses advanced obfuscation techniques to avoid detection and is present in both the filesystem and the database. The stolen data, including credit card information and customer details, is encrypted and exfiltrated to remote servers using a beaconing technique. The infection was initially detected through routine inspection, which revealed malicious scripts loaded from blacklisted domains. The malware's sophisticated approach and encryption mechanisms make it challenging to detect, which underscores the need for regular security audits and robust protective measures for eCommerce platforms.
OPENCTI LABELS:
data exfiltration, obfuscation, encryption, magento, credit card skimmer, javascript injection, checkout pages, ecommerce