Attackers Abuse Swap File to Steal Credit Cards

blog.sucuri.net

Attackers Abuse Swap File to Steal Credit Cards

blog.sucuri.net

Resident Pulser@infosec.pubB to

Pulse of Truth@infosec.pubEnglish · 2 months ago

Attackers exploit a swap file to maintain a persistent credit card skimmer on a Magento e-commerce site. Learn how to spot indicators of compromise and mitigate risk.

When it comes to website security, sometimes the most innocuous features can become powerful tools in the hands of attackers. Such was the case in a recent incident we investigated, where bad actors exploited the humble swap file to maintain a persistent credit card skimmer on a Magento e-commerce site. This clever tactic allowed the malware to survive multiple cleanup attempts — that is, until our analysts wrapped up their investigation. In this post, we’ll peel back the layers of this sophisticated ecommerce attack, offering valuable insights into how you can protect your own online store from similar threats. Continue reading Attackers Abuse Swap File to Steal Credit Cards at Sucuri Blog.

You must log in or register to comment.

Chat

Pulse of Truth@infosec.pub

pulse_of_truth@infosec.pub

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !pulse_of_truth@infosec.pub

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

12 users / day
491 users / week
1.16K users / month
1.52K users / 6 months
26 local subscribers
397 subscribers
990 Posts
692 Comments
Modlog

mods:
krogoth@infosec.pub