Credit Card Skimmer and Backdoor on WordPress E-commerce Site

The battle against e-commerce malware continues to intensify, with attackers deploying increasingly sophisticated tactics. In a recent case at Sucuri, a customer reported suspicious files and unexpected behavior on their WordPress site. Upon deeper analysis, we discovered a complicated infection involving multiple components: a credit card skimmer, a hidden backdoor file manager, and a malicious script all working together as part of a coordinated attack.

What Did We See?

The customer initially contacted us after noticing unknown files on their server and experiencing intermittent issues with their checkout process.

Continue reading Credit Card Skimmer and Backdoor on WordPress E-commerce Site at Sucuri Blog.