menu

Magento PHP One-Liner Backdoor

2021-12-09 :: Luke
#3bcea1436b9096a7c71182b7fa07ca1d  #backdoor  #one liner  #ecommerce  #PHP  #website malware  Magento PHP One-Liner Backdoor
Analysis of a PHP one-liner found injected on Magento ecommerce websites and learn how it is used by attackers.
Read more →

.wtf() Skimmer Still Targeting WooCommerce Websites

2021-11-30 :: Luke
#convert-server.com  #JavaScript  #skimmer  #WordPress  #WooCommerce  #ecommerce  #website malware  .wtf() Skimmer Still Targeting WooCommerce Websites
Almost identical to the one from back in March 2021 except this uses convert-server.com as the exfiltration domain.
Read more →

N26 Bank Phishing Kit & Panel Sends Custom Push Notifications

2021-11-13 :: Luke
#N26.com  #S4LIM  #uDashboard  #CVV  #real-time  #phishing  #fraud  #PHP  #website malware  N26 Bank Phishing Kit & Panel Sends Custom Push Notifications
A phishing kit targeting the German bank N26.com and exfiltrating the stolen data to a third party hosted phishing panel which in turn immediately sends a push notification to the attacker.
Read more →

Shopify Phishing Kit

2021-11-01 :: Luke
#Shopify  #zazzy  #phishing  #fraud  #PHP  #website malware  Shopify Phishing Kit
Shopify phishing kit by zazzy.
Read more →

Phishing Kit Targets Iran’s Keshavarzi Bank (Agribank)

2021-09-24 :: Luke
#bki.ir  #Keshavarzi  #Agribank  #Iran  #OTP  #phishing  #fraud  #PHP  #website malware  Phishing Kit Targets Iran's Keshavarzi Bank (Agribank)
A seemingly rare phishing kit that targets Iran’s Keshavarzi Bank (Agribank) users and steals their login + OTP.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.