![]() ![]() What is concerning about this attack is that the attackers took additional steps to encrypt the data with a public key in PEM format and a randomly generated string, making it more difficult for fraud prevention officers or law enforcement to investigate the theft. ![]() ![]() So, cybersecurity researchers have seen this as a new trend. Storing stolen credit card information in an image file is not a new technique, but usually, the information is saved in either plain text format or encoded as basic base64 data in most instances. The encrypted data is then dumped into an image file (.jpg) and made easily accessible. The code checks for user payment information and generates a random password to encrypt the payment details. The attackers tampered with the primary file of the plugin (./wp-content/plugins/woocommerce-gateway-authorize-net-cim/ class-wc-authorize-net-cim.php ) and injected malicious code that steals payment information from users. Upon investigation, researchers found that the compromise occurred through modifying files related to the client’s payment gateway, .Ī, which Visa owns, is a payment gateway that allows vendors to handle digital transactions. Unknown individuals fraudulently used their legitimate cards on their website over the holidays. Recently, a client of Sucuri received a warning from their bank that their website may have been compromised. WooCommerce is a popular, open-source eCommerce plugin for WordPress. This threat has now extended to WordPress environments, particularly those using WooCommerce. Magecart is a type of malware that can steal credit card information from eCommerce websites. Online transactions ease our daily lives but also pose a serious risk to both businesses and their customers. ![]()
0 Comments
Leave a Reply. |