Guided Website Threat Review

Foregenix Blog

Benjamin Hosack

Magento Malicious JavaScript in Action

web security, Magento, malware, JavaScript

,08/11/16 14:48

Magento websites have been under attack from a new malicious JavaScript family of malware - our forensic team has been working with many hacked websites to help them regain control of their online businesses and to limit losses.

Here is a recording made this morning of a demo transaction on a live website with the browser showing the background website activity in the browser. 

Here's the breakdown of what actions our "buyer" made:

Live website on the left, developer tools view on the right showing website background activity.

0:04 - Buyer enters name, credit card number, expiry date and CVV number.

0:14 - Buyer checks the order and at the same time, network activity shows customer data being captured and sent directly out to the attacker via email (partially obfuscated to protect identity of hacked website).

0:19 - Buyer's credit card number harvested, along with name and address.

0.24 - Buyer's CVV number is harvested.

The buyer's personal data and payment card data is STOLEN before the buyer clicks "Order and Pay Duty".

And that's it - simple and highly effective theft.

This is affecting MANY Magento websites - is yours affected?

Guided Website Threat Review




Duncan Slater
Alert: Major UK Payment Service Provider iFrame Man-In-The-Middle Breach

The Foregenix Digital Forensics and Incident Response Team recently reported a man-in-the-middle ...

Read More
Kirsty Trainer
The "Key" to Secure Data - P2PE - Derived Unique Key Per Transaction (DUKPT)

Written by Andrew McKenna, PCI QSA, PCIP at Foregenix The encryption key infrastructure usually ...

Read More

Cyber Security Insights

Duncan Slater
21/07/17 10:15

Foregenix Review of the Office for National Statistics Crime Survey

Today [July 20th 2017] the Office for National Statistics in the UK released their annual Crime Survey for England and Wales (CSEW), for the twelve ...

Read More

Benjamin Hosack
10/07/17 16:40

Magento Websites: How is the security health of your website?

Cyber security is a hot topic, with articles appearing most days within the mainstream media.  As consumers, we’re all becoming more cyber-aware as ...

Read More

Kirsty Trainer
07/07/17 16:41

Take the Guesswork Out of Your Website Security

Let’s say that someone approaches you on the street one day. They point to a busy shop across the street, and they say to you, “That’s my store, and ...

Read More

Andrew McKenna
06/07/17 16:21

Why You Need To Defend Against Nation State Attacks

A few months ago, I was working on a risk assessment with a business and one of the most extreme threats, beyond targeted malware, was an attack by a ...

Read More

David Kirkpatrick
05/07/17 10:57

Penetration Testing: The Quest For Fully UnDetectable Malware

Malware continues to be one of the main attack vectors used by criminals to compromise user and corporate data. Using phishing or social engineering ...

Read More