Decoding Magecart: Credit Card Skimmers Concealed Through Pixels & Images

MageCart infections most often come in the form of complex, obfuscated JavaScript injected into Magento database tables such as core_config_data, or as malicious plugins or core file injections installed into WordPress / WooCommerce environments (which are increasingly common, and may be due to antivirus programs increasing their detection rate on compromised checkout pages).

However, a little less frequently we find skimmers hidden in plain sight.  During a recent website cleanup of a compromised Magento ecommerce website we caught something …

antivirus black hat tactics card credit credit card database decoding detection ecommerce security environments file hacked websites images infections javascript magecart magento magento security malicious malicious plugins malware may obfuscated obfuscation plugins rate skimmers tables website malware infections woocommerce wordpress