menu

printcss.host Loads JavaScript Skimmer 0x2031

2020-12-17 :: Luke
#_0x2031  #printcss[.]host  #skimmer  #magento  #ecommerce  #JavaScript  #website malware  printcss.host Loads JavaScript Skimmer 0x2031
A JavaScript skimmer loading from a fake CSS request to URL printcss[.]host/styles.css which was injected into the Magento 2 database table cms_block.content.
Read more →

Malware Disables Wordfence Security Plugin & Forges Timestamps

2020-12-16 :: Luke
#backdoor  #plugin killer  #wordpress  #PHP  #website malware  Malware Disables Wordfence Security Plugin & Forges Timestamps
A malicious PHP file is used to take down Wordfence plugin before it adjusts its own mtime timestamp.
Read more →

PHP Injector Makes Evil Use of error_log

2020-12-15 :: Luke
#1550208479  #error_log  #injector  #backdoor  #PHP  #website malware  PHP Injector Makes Evil Use of error_log
A PHP backdoor that injects its payload into the default PHP error_log
Read more →

m2cmds.php: Magento 2 Dev Tool or Deceptive Hacktool?

2020-12-11 :: Luke
#m2cmds.php  #dev tool  #magento  #ecommerce  #PHP  #website malware  m2cmds.php: Magento 2 Dev Tool or Deceptive Hacktool?
Is this m2cmds.php file an insecure third-party dev tool for Magento - or a malicious hacktool used by an attacker?
Read more →

Skimmer Loaded Via Image On MemberPress Checkout Form & Magento

2020-12-08 :: Luke
#0x165a3f  #skimmer  #WordPress  #Magento  #steganography  #ecommerce  #JavaScript  #website malware  Skimmer Loaded Via Image On MemberPress Checkout Form & Magento
A payment card skimmer hidden within an existing PNG image on an infected WordPress website that uses MemberPress and collects payment data for private membership. A variant was also found stealing payment card information on an infected Magento website.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.