Magento websites are a frequent target for cybercriminals due to their widespread usage in eCommerce and the valuable customer data they handle. During a routine investigation, we discovered a malicious JavaScript injection targeting Magento websites. This malware dynamically creates a fake credit card form or extracts payment fields directly depending on the variant of the malware, activating only on checkout pages. The stolen data is then encrypted and exfiltrated to a remote server.

Overview of the infection:

Initially discovered by Weston Henry, a colleague on our team, the malware is designed to target Magento-powered eCommerce websites, specifically their checkout processes.

Continue reading Credit Card Skimmer Malware Targeting Magento Checkout Pages at Sucuri Blog.

Via Sucuri.net