New Ecommerce Exploit Affects WooCommerce, Shopify, Magento via @sejournal, @martinibuster
A serious hacking attack has been exploiting ecommerce websites to steal credit card information from users and to spread the attack to other websites.
These hacking attacks are called Magecart style skimmer and it’s spreading worldwide across multiple ecommerce platforms.
Attackers are targeting a variety of ecommerce platforms:
- Magento
- Shopify
- WooCommerce
- WordPress
What Does the Attack Do?
The attackers have two goals when infecting a website:
1. Use the site to spread itself to other sites
2. Steal personal information like credit card data from customers of the infected website.
Identifying a vulnerability is difficult because the code dropped on a website is encoded and sometimes masked as a Google Tag or a Facebook Pixel code.