Foregenix-Logo-Horizontal-Colour
Free Webscan

Cybersecurity Insights

Benjamin Hosack

Magento Malicious JavaScript in Action

08/11/16 14:48

Magento websites have been under attack from a new malicious JavaScript family of malware - our forensic team has been working with many hacked websites to help them regain control of their online businesses and to limit losses.

Here is a recording made this morning of a demo transaction on a live website with the browser showing the background website activity in the browser. 

Here's the breakdown of what actions our "buyer" made:

Live website on the left, developer tools view on the right showing website background activity.

0:04 - Buyer enters name, credit card number, expiry date and CVV number.

0:14 - Buyer checks the order and at the same time, network activity shows customer data being captured and sent directly out to the attacker via email (partially obfuscated to protect identity of hacked website).

0:19 - Buyer's credit card number harvested, along with name and address.

0.24 - Buyer's CVV number is harvested.

The buyer's personal data and payment card data is STOLEN before the buyer clicks "Order and Pay Duty".

And that's it - simple and highly effective theft.

This is affecting MANY Magento websites - is yours affected?

Need help? Get a Website Health Check  Sign up >

 

 

TRENDING POSTS

Ewan Gardner
Serious Vulnerability Discovered in Adminer database Administration Tool
18/01/19 17:19

Foregenix are warning all their partners this morning about a vulnerability discovered in the ...

Read More
David Kirkpatrick
Penetration Testing: The Quest For Fully UnDetectable Malware
05/07/17 10:57

Malware continues to be one of the main attack vectors used by criminals to compromise user and ...

Read More