Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Hackers Employ Magecart Keylogger to Steal Unfortunate Shoppers’ Payment Cards


One fresh keylogger circulating on the Web emerged this March, but it was in May when the early infections occurred, targeting major Internet stores. When June-end arrived, security firm Sucuri encountered one Magecart version whose file extension was Braintree Magento that was used for paying purchases through the Braintree system.

The Magecart assault showed the above facet that ClearSky and RiskIQ, among other companies, constantly traced to and fro several Internet shopping websites.

The Magecart keylogger was recently filching credit card details that online buyers used on dozens of prominent websites. So Web-surfers buying items via any of the said Internet sites are advised closely watching their payment card statements.

Researchers describe the Magecart malware as merely JavaScript incorporated into certain hijacked site's source code. The process occurs while exploiting security flaw within the CMS system alternatively the online-connected PC itself. Immediately when the hacker gains admission into either of the two, he appends the keylogger to the hijacked site's source-code.

There are dual phases in the Magecart infection. First, the JavaScript waits for the end-user to reach the checkout web-page. It is just when he accesses URLs pertaining to the checkout web-page of the CMS platform that Magecart malware navigates to the 2nd phase. This phase deals with installing the real payload of the keylogger. Virusguides.com posted this, October 7, 2016.

Magecart's payload is yet one more JavaScript that intercepts everything entered into the 'from' fields of the end-user victim. That information is then uploaded collectively onto the remote server of the attacker.

Everyday Web-surfers can avoid compromised websites which is all they can do for their protection except if there's a fix to rectify the problem. But that mayn't necessarily happen, for according to RiskIQ, just a few affected websites acquiesced having the problem. Besides, the list isn't exhaustive for, one could eschew each URL on it; even then end up having his card compromised.

Like every time, closely watching the payment card statements while giving the right contact to the card issuer, should it require intimating if probable suspicious activity occurs, are the only means for safeguarding oneself for now.

» SPAMfighter News - 13-10-2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.
To reward your interest, we would like to offer you any of our award-winning products
at the price $19.95. Pick your own favorites.

Go back to previous page
Next