WordPress WooCommerce sites targeted by card swiper attacks
Cyber Security

WordPress WooCommerce sites targeted by card swiper attacks

Credit swipers have found a hard-to-detect way to target websites using the WooCommerce plugin by secretly modifying legitimate JavaScript files.

That’s according to web security company Sucuri, which has detailed a recent attack it was called into investigate on a site that had experienced a mysterious spate of credit card fraud.

How this was happening wasn’t clear until Sucuri ran an integrity check on the files (comparing the files present with a known default state) and it became clear that the attackers had hidden malicious JavaScript code inside a system file.

This is unusual because most attacks on ecommerce systems involve appending code at the end of a file, a technique which is effective but easier for defenders to spot.

You might also like

Google Launches Cybersecurity Career Certificate Program

ChatGPT Emerges as Key AI Tech for Security Vendors

Hackers Use HTML Smuggling To Distribute Malware by E-mail

5 safety tips to follow while making digital payment transactions

Leave A Reply

Your email address will not be published.