Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection

Recently, we released an article where a credit card skimmer was targeting checkout pages on a Magento site. Now we’ve come across sophisticated credit card skimmer malware while investigating a compromised WordPress website. This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment details. The malware activates specifically on checkout pages, either by hijacking existing payment fields or injecting a fake credit card form.

Where was the malware found?

Continue reading Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection at Sucuri Blog.