A new type of malware called Magecart, has comprimised over 100 eCommerce sites and secretely logs data entered on checkout pages, sending it to the hacker’s server. The peculiarity of the Magecart campaign is that threat actors were injecting a keylogger directly into the target website. How the Magecart malware is working? How to know if your eCommerce site has been compromised ?
Magecart malware is targeting Magento, OpenCart, Braintree, VeriSign
RIskiQ ‘s researchers have been monitoring a campaign dubbed Magecart that compromised many ecommerce websites to steal payment card and other sensitive data.
By the end of June 2016, Sucuri had stumbled upon a variant of Magecart, that was targeting Magento stores that was using the Braintree Magento extension to support payments through the Braintree platform.
The hackers now targeted several eCommerce platforms including Magento, Powerfront CMS and OpenCart and several payment processing services, including Braintree and VeriSign.
How the Magecart malware is operating?
You should not dismiss the potential threat of the Magecart malware, which is continuously evolving to target an increased scope of eCommerce and payment platforms. According to RiskiQ, the malware is now able to obfuscate to hinder analysis and identification. Read the article Malware: infected sites and SEO to learn more about the consequences of a malware on your eCommerce site.
How do I know if my eCommerce site is infected by Magecart malware?
To know if your eCommerce site is really infected or not, you have to assess your site risk level with an advanced security solution. Visit www.ozon.io/scan, fill the form for a free assessment and discover in a matter of minutes if you are infected by a sophisticated malware. Are you?
If you are infected, OZON cybersecurity solution will remove the malware from your website by patching it and prevent from being ever infected again in the future.