Global CyberSecurity

Stylish Magento Card Stealer loads Without Script Tags

0

Recently one of our analysts, Weston H., found a very interesting credit card stealer in a Magento environment which loads a malicious JavaScript without using any script tags. In this post I will go over how it was found, how to decode it and how it works!

One of our clients was reporting that one of their website visitors was receiving a warning from their antivirus program when navigating to their checkout page:

Calls were being made to a known malicious domain that was already blacklisted by multiple vendors for distributing malware and involvement in carding attacks:

This certainly indicated that a card stealer was present somewhere on our client’s website.

Continue reading Stylish Magento Card Stealer loads Without Script Tags at Sucuri Blog.

NATO Mine Countermeasure Group completes mine hunting operation in Germany

Previous article

U.S. 7th Fleet Task Forces form SAG in the South China Sea

Next article

You may also like

Comments

Comments are closed.