New Instagram Phishing Attack Steals Backup Codes, Bypassing 2FA
December 21, 2023Microsoft Warns of FalseFont Backdoor Threat in Defense Sector
December 27, 2023Cybercriminals have unleashed a deceptive new weapon in their arsenal against e-commerce websites: a rogue WordPress plugin that masquerades as a legitimate tool while stealthily injecting malicious code to steal credit card information. This alarming development is part of a broader Magecart campaign that's targeting vulnerable online stores, leaving customers and businesses at risk.
Here's a breakdown of the key you need to know:
- Fake Plugin Disguise: The malware presents itself as a seemingly harmless "WordPress Cache Addons" plugin, tricking users into installing it.
- Automatic Hiding and Activation: Once installed, it cleverly copies itself to a hidden directory, bypassing standard plugin management and remaining undetected within the site's infrastructure.
- Persistent Access Through Hidden Admin Accounts: To ensure continued control even if the plugin is removed, it can create covert admin accounts, providing a backdoor for the attackers.
- Credit Card Skimming: The ultimate goal of this insidious campaign is to inject malicious JavaScript code into checkout pages, effectively skimming credit card details as unsuspecting customers enter their payment information.