Some cybercriminals have targeted WooCommerce online stores with a sizable number of customers fit enough for a Magecart attack in the nearest future. This discovery was done by researchers from Sucuri, a website security firm.
Ensure your online safety – read our OmniWatch review, a tool dedicated to removing your personal information from the dark web and data broker platforms.
WooCommerce remains an open-source WordPress plugin developed for easy running of e-commerce web stores that are into commercial services. Cybercriminals are using flaws found in WordPress plugins to hack web stores that employed the service of WooCommerce to process their financial dealings.
As explained by Sucuri, this malware is covertly installed as a PHP script (5ea331c1744115ea331c17441f.php) to prepare it for future attacks and also extract MySQL database information for accessing the hacked web storesâ WordPress database and subsequently run SQL queries capable of gathering the web storeâs registered transactions and all payments logged.
Table of Contents
The Magecart Attack Process
According to Leal, one of Sucuri security researchers, Magecart developerâs decision to target just WooCommerce stores in its malicious campaign is to allow them to concentrate their malicious efforts on web stores with a good number of orders and traffic for a good return on invested time as reported by Bleepingcomputer.
Leal concluded by stating that âAnother trick used by the developers of Magecart malware is the method of deploying three backdoors on hacked websites which becomes useful to them in future attack with the help of a web skimmer serving as leverage to unauthorized access for new targets in these hacked websitesâ.
This is certainly not the first of Magecart attack on e-commerce platforms, PCrisk reported of its tracking of an increase in the number of attacks by Magecart on multiple payment processing e-commerce platforms on the 14th of April 2020 which often result to stealing of credit and debit card information by injecting a malicious JavaScript code into the platformâs cart which is capable of scanning debit and credit card details entered by unsuspecting customers.
These stolen credit and debit card details end up sold or used for fraudulent purchases on the dark web market after the hacker once the malicious JavaScript code transmits the stolen details to the control server operated by the hacker.
- Get Sucuri 81% OFF
RELATED POSTS
- Browser Compartmentalization: How to Compartmentalize Your Web Browsers
- Top Cybersecurity Trends Every Web Developer Should Expect in 2020
- 5 Most Common WordPress Attacks in 2020
- WordPress Hardening: 7 Ways to Harden your Website Security
Published By:
Fiorella Salazar is a cybersecurity expert, digital privacy advocate, and VPN evangelist based in Canada. She holds an M.Sc. in Cybersecurity from a Canadian university. She is an avid researcher and frequent contributor to several cybersecurity journals and magazines. Her mission is to raise awareness about the importance of digital privacy and the benefits of using a VPN. She is the go-to source for reliable, up-to-date information on VPNs and digital privacy.