all InfoSec news
MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer
Sucuri Blog blog.sucuri.net
One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus administrator user. It was also found injecting sophisticated credit card skimming JavaScript into the website’s checkout page. This plugin includes an interesting sample of malicious code which goes to great lengths to conceal itself from the website owner.
In this post, we’ll review how the malware worked as well as how ecommerce website owners can …
analysts black hat tactics bogus card credit credit card credit card skimmer credit card stealers ecommerce ecommerce security found hacked websites javascript magecart malicious malicious plugin malware obfuscation page plugin sample skimmer skimming website website malware infections woocommerce wordpress wordpress plugin wordpress plugins and themes wordpress security