Skip to content
Northwest Trail

Northwest Trail

  • Regional Language Consumers To Be 75% Of Internet Consumer Base By The End Of 2021 Internet
  • Workplace wellness is changing because to the rise of the enterprise wearable News
  • The owner of Tinder modifies his forecast because of the ongoing problems with Omicron. News
  • The Stand-Up Pouches Market By Type, Application, and Forecast Business
  • Customers are dissatisfied with Sony’s PlayStation 5 update News
  • global-licorice-extract-market
    Licorice Extract Market: Growth Factors, Industry Trends and Forecast 2023 Business
  • Vibrant Vibes: A Guide to Customizing Your Discord Color Scheme Technology
  • TRAI Slashes Rate Of Mobile Number Portability By 79% Internet

Numerous online shopping malls rigged with malware that steals credit card information

Posted on March 17, 2022 By admin

Numerous online shopping malls rigged with malware that steals credit card information

About 500 e-commerce websites were recently revealed to be infiltrated by hackers who installed a credit card skimmer that stealthily gathered sensitive data when visitors attempted to make a transaction.

A report published on Tuesday is merely the latest one using Magecart, an umbrella name given to rival criminal gangs who infect e-commerce sites with skimmers. Over the past several years, hundreds of sites have been affected by flaws that force them to run malicious code. When visitors submit credit card data upon purchase, the malware transfers such information to attacker-controlled servers.

Fraud courtesy of Naturalfreshmall[.]com

Sansec, the security firm that uncovered the current set of infections, claimed the compromised sites were all loading malicious scripts stored at the domain naturalfreshmall[.]com.

“The Natural Fresh skimmer presents a bogus payment popup, undermining the security of a (PCI compliant) hosted payment form,” business researchers stated on Twitter. “Payments are transmitted to https://naturalfreshmall[.]com/payment/Payment.php.”

See also  Scientists have devised a useful chemical data management model

The hackers then changed existing files or planted new files that offered no less than 19 backdoors that the hackers could employ to keep control over the sites in the event the malicious script was identified and deleted and the susceptible software was upgraded. The only method to thoroughly disinfect the site is to detect and remove the backdoors before upgrading the vulnerable CMS that caused the site to be hacked in the first place.

Sansec worked with the admins of compromised sites to discover the common access point utilised by the attackers. The researchers subsequently concluded that the attackers coupled a SQL injection bug with a PHP object injection attack in a Magento plugin known as Quickview. The weaknesses allowed the attackers to execute malicious code directly on the web server.

See also  A travel planning app developed by Google has been shut down

They accomplished this code execution by manipulating Quickview to add a validation rule to the customer eav attribute database and inserting a payload that deceived the host application into constructing a malicious object. Then, they joined up as a new user on the site.

But merely adding it to the database won’t really run the malware, Sansec experts said. Unserializing the data is truly necessary for Magento. Furthermore, this attack’s brilliance lies in its ability to initiate an unserialize just by perusing the Magento sign-up page.”

More than a week after Sansec first revealed the campaign on Twitter, it’s easy to locate sites that are still infected. Bedexpress[.]com was still using JavaScript from the rogue naturalfreshmall[.]com domain at the time of this post’s publication.

See also  The Future of Business: How Quantum Computing is Transforming Industries

These sites were using an outdated version of the Magento e-commerce platform that will be phased down in June 2020. Upgrade to the most recent version of Adobe Commerce if you’re still using this out-of-date package. There are also open source fixes available for Magento 1 that can be installed using either DIY software from the OpenMage project or paid service from Mage-One.

In the absence of specialised training, it might be difficult for the general public to recognise payment-card skimmers. Malwarebytes, for example, is an antivirus programme that scans a website’s JavaScript in real time. Although there’s not a guarantee that a site is safe if it appears to be utilising obsolete software, people may wish to avoid certain sites.###

Internet, Technology

Post navigation

Previous Post: DirectStorage, the company’s upcoming product, is expected to speed up PC game loading times
Next Post: According to a research, children who are permitted to watch a lot of television are more likely to be misbehaved

Related Posts

  • Managing blockchain’s energy to stop its waste News
  • The number of players in Halo Infinite is decreasing on Steam News
  • Listed Options Trading In Australia
    Everything You Need To Know About Listed Options Trading In Australia Technology
  • To put skill back in the spotlight, Leica has launched a new camera News
  • 18 Million Apple Watches Exported In 2017 Technology
  • PCs that don’t support Windows 11 have a watermark on their desktops that’s difficult to remove News
  • Automobile
  • Business
  • Education
  • Entertainment
  • Finance
  • Health
  • Internet
  • News
  • Sports
  • Technology
  • Uncategorized
  • Vacuum Belt Dryer Market Forecast: Strategic Insights and Future Trends 2032
  • Vegetable-Oil-Based Cutting Fluids Market Landscape: Trends, Innovations, and Projections 2032
  • Tooth Regeneration Market Dynamics: Key Drivers and Challenges 2024
  • Construction Materials Market: Trends, Analysis, and Future Outlook 2032
  • Offshore Wind Energy Market Size Overview 2024
  • Here’s How You Can Trace A Plumbing Leak News
  • Engineers arrested for racing General Motors cars Automobile
  • Vacuum Belt Dryer Market Forecast: Strategic Insights and Future Trends 2032 Business
  • Most Likely to Host Extraterrestrial Life on Kepler 452B News
  • quantum computing
    The Future of Business: How Quantum Computing is Transforming Industries Technology
  • Pollen season will become more unpleasant as a result of climate change News
  • Faster drug discovery could be achieved with the use of machine learning Health
  • Chaotic Meeting At Kejriwal’s Residence, BJP Members Walk Out News

Copyright © 2025 Northwest Trail.

Powered by PressBook News WordPress theme