Jump to content
Facebook Twitter Youtube
GFX Designer Recruitment Campaign
Moderators Recruitment

[Software] Retailers using WooCommerce are the next target for Magecart card skimmer attacks

#Hassan.

By #Hassan.,
in Software

 Share

Recommended Posts

#Hassan. Proficient

#Hassan.

Posted
Posted

 

a3iemdsrbs6kjNEGY4ZiXk-1024-80.jpg.webp

Three new Magecart attacks are taking advantage of potential vulnerabilities in the WooCommerce ecommerce platform, experts have warned. Discovered by RiskIQ, the vulnerabilities target retailers using third-party themes and tools to integrate into  WooCommerce pages that are particularly prone to Magecart risk. As a result, many consumers are potentially vulnerable to having credit card details stolen ahead of the holiday shopping season.

Magecart threat Further research by Barn2, a software company that specializes in WooCommerce products and WordPress, found that WooCommerce represents 29% of the top one million websites using ecommerce technologies. This exceeds five million active installs of the free plugin as of early 2021.

WooCommerce is notably po[CENSORED]r because it is a free to use and easily customisable WordPress plugin. “WooCommerce users are often small and medium-sized businesses, sometimes considered the most vulnerable, as they lack resources for complex and highly-vetted third-party tools. As we've seen over the years, both small and large retailers can be the targets of Magecart skimming,” RiskIQ wrote in its blog post. In a typical Magecart attack, threat actors use a vulnerability and weaknesses in an ecommerce platform to inject a malicious code that skims online payment forms to intercept the payment information of unsuspecting customers. As these third-party tools integrate with thousands of websites, when one supplier is compromised, Magecart has effectively breached thousands of sites at once. RiskIQ's detection of skimmers and other malware shows the innumerable ways threat actors gain access, deploy, and hide their tools on victim websites and advice site operations to regularly inspect their crontab commands for strange contents, ensure that access permissions are correct, and audit file access to it.

link : https://www.techradar.com/news/retailers-using-woocommerce-are-the-next-target-for-magecart-card-skimmer-attacks

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

WHO WE ARE?

CsBlackDevil Community [www.csblackdevil.com], a virtual world from May 1, 2012, which continues to grow in the gaming world. CSBD has over 70k members in continuous expansion, coming from different parts of the world.

 

 

Server Zone

Helpful Links

Important Links

VERSION 2.4.0

THEME BY TECTONICPX.COM
© 2022 CSBLACKDEVIL

Licensed to: CsBlackDevil.Com Powered by Invision Community


×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept