1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Magento e-commerce platform targeted with sneaky code

Discussion in 'Network World' started by RSS, Jun 26, 2015.

  1. RSS

    RSS New Member Member

    Attackers are using a sneaky method to steal payment card data from websites using Magento, eBay’s widely used e-commerce platform.

    Researchers from Sucuri, a company that specializes in securing websites, said the attackers can collect any data submitted by a user to Magento but carefully filters out anything that doesn’t look like credit card data.

    The attackers are injecting their malicious code into Magento, but it’s still unclear how that process happens, wrote Peter Gramantik, a senior malware researcher with Sucuri.

    “It seems though that the attacker is exploiting a vulnerability in Magento core or some widely used module/extension,” he wrote.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page