Retailers using WooCommerce are the next target for Magecart card skimmer attacks

Three new Magecart attacks are taking advantage of potential vulnerabilities in the WooCommerce ecommerce platform, experts have warned.

Discovered by RiskIQ, the vulnerabilities target retailers using third-party themes and tools to integrate into  WooCommerce pages that are particularly prone to Magecart risk.

As a result, many consumers are potentially vulnerable to having credit card details stolen ahead of the holiday shopping season.

Magecart threat 

Further research by Barn2, a software company that specializes in WooCommerce products and WordPress, found that WooCommerce represents 29% of the top one million websites using ecommerce technologies. This exceeds five million active installs of the free plugin as of early 2021.

WooCommerce is notably popular because it is a free to use and easily customisable WordPress plugin

“WooCommerce users are often small and medium-sized businesses, sometimes considered the most vulnerable, as they lack resources for complex and highly-vetted third-party tools. As we've seen over the years, both small and large retailers can be the targets of Magecart skimming,” RiskIQ wrote in its blog post.

In a typical Magecart attack, threat actors use a vulnerability and weaknesses in an ecommerce platform to inject a malicious code that skims online payment forms to intercept the payment information of unsuspecting customers.

As these third-party tools integrate with thousands of websites, when one supplier is compromised, Magecart has effectively breached thousands of sites at once.

RiskIQ's detection of skimmers and other malware shows the innumerable ways threat actors gain access, deploy, and hide their tools on victim websites and advice site operations to regularly inspect their crontab commands for strange contents, ensure that access permissions are correct, and audit file access to it.

TechRadar – All the latest technology news

Read More

IOTW: Hackers Target Italy

Italy has been the victim of two ransomware attacks this month. The first blocked a COVID-19 booking system, which is not only a public health hazard but interferes with Italy’s recent healthcare mand…

Articles RSS Feed

Read More