While open-source ecommerce platforms are the most common targets for web skimmers, hackers also target paid-for software — especially if it’s used on high-profile online stores with large user-bases.

This time, our analysts Kara Federow and Keith Petkus found malware on a website powered by PinnacleCart, a webstore solution used by a large number of popular websites with hundreds of thousands of monthly visitors.

By default, PinnacleCart offers to host new stores, but they also allow users to purchase a licence for $1,495 and install the software separately on an independent server.

Continue reading PinnacleCart Server-Side Skimmers and Backdoors at Sucuri Blog.

Via Sucuri.net