MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer

One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus administrator user. It was also found injecting sophisticated credit card skimming JavaScript into the website’s checkout page. This plugin includes an interesting sample of malicious code which goes to great lengths to conceal itself from the website owner.

In this post, we’ll review how the malware worked as well as how ecommerce website owners can protect themselves from such attacks.

Continue reading MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer at Sucuri Blog.

Posted in

About Us

I believe that everyone should have a mechanic that they can trust and after spending several years helping out various customers for large companies I've seen my fair share of issues.

Honesty, Integrity, and Compassion are what we share with everyone that we work with. Stop scouring the internet for help and see how we can help you today.

Our Services

Website Migrations

Plugin & Theme Updates

IDX Broker Customizations

Facebook Chatbots

DNS & Email Integrations

logo

E-mail: contact@thewpmechanic.com