silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,176
Localized fake payment form campaigns using injected scripts to target Magento-powered e-commerce websites from Italy and Bulgaria have been detected by the Sucuri website security service's research team.
Bad actors have continuously upgraded credit card stealing malware with new features and capabilities designed to hide in plain sight to take advantage of e-commerce customers' distraction.
"We’ve been regularly seeing injected scripts with URLs that either mimic or include a portion of the victim’s site domain," said the Sucuri research team. "Sometimes the injected code also references the victim’s site. Recently, we’ve come across another level of customization."