Discovery of a vulnerability in the WordPress plugin “WooCommerce” that allows credit card data theft



Researchers at Malwarebytes discovered a WooCommerce plugin vulnerability that attackers exploited to access users’ credit card data.

WordPress and WooCommerce

Credit card data has long been stolen from ATMs and payment machines by placing a fake card reader on top of the original reader and attaching a small camera to record the PIN code. Malwarebytes has now revealed a new hacking method that steals the same data virtually, by injecting code into description images on the sites of hacked stores.

According to the company, hackers inject Magecart JavaScript code into the EXIF (Exchangeable Image File Format) metadata, the standard used for digital camera images. Those files are then downloaded by the targeted stores, in what Malwarebytes considers the first technique of its kind for stealing credit card data.

Explaining the new mechanism, the company’s researchers said that hackers had recently been seen injecting malicious software into favicons (the link or site icon) that occupy the upper corner of the browser. This raised suspicions of a similar approach in this latest operation, but the matter turned out to be completely different.

The researchers found that the malicious code was injected into the “WooCommerce” plugin, which manages e-commerce and payments on WordPress, the well-known and widespread content management system and, accordingly, a primary target for attacks.

The role of the malware, once downloaded, is to perform a scan that captures payment data, including name, address and credit card details.

The security company’s discovery is a reminder that hacking is not limited to a specific space and that malicious software can exploit the smallest gaps and reach anywhere, so the necessary precautions must always be taken.
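
One precaution a store operator can apply to the EXIF injection described above is to scan image files for script-like strings in their metadata. The following is an added example, not code from Malwarebytes or from this article; the pattern list, the `make_jpeg` helper and both sample images are constructed for illustration, and the check only covers the APP1/Exif segment of JPEG files.

```python
import re
import struct

# Heuristic (assumed) list of strings that do not belong in camera metadata.
SUSPICIOUS = re.compile(
    rb"<script|eval\s*\(|atob\s*\(|String\.fromCharCode|document\.|new\s+Function", re.I)

def exif_segments(data: bytes):
    """Yield the payload of every APP1/Exif segment found before the image data."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"bad marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:            # fill byte before a marker
            pos += 1
            continue
        if marker in (0xDA, 0xD9):    # start of scan / end of image: metadata is over
            return
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError("truncated segment")
        payload = data[pos + 4:pos + 2 + length]
        if marker == 0xE1 and payload.startswith(b"Exif\x00\x00"):
            yield payload[6:]
        pos += 2 + length

def scan_jpeg(data: bytes):
    """Return the sorted, lower-cased script-like strings found in EXIF metadata."""
    hits = set()
    for seg in exif_segments(data):
        hits.update(m.group(0).decode("latin-1").lower() for m in SUSPICIOUS.finditer(seg))
    return sorted(hits)

def make_jpeg(exif_payload: bytes) -> bytes:
    """Wrap a payload in a minimal JPEG skeleton (constructed test data only)."""
    body = b"Exif\x00\x00" + exif_payload
    app1 = b"\xff\xe1" + struct.pack(">H", len(body) + 2) + body
    return b"\xff\xd8" + app1 + b"\xff\xda\x00\x02" + b"\xff\xd9"

# Constructed samples: one ordinary copyright field, one carrying inert script-like text.
CLEAN = make_jpeg(b"II*\x00\x08\x00\x00\x00Copyright 2020 Example Store")
TAINTED = make_jpeg(b"II*\x00\x08\x00\x00\x00<script>eval(atob('placeholder'))</script>")
```

A non-empty result from `scan_jpeg` is a reason to inspect the file and the page that references it, not proof of compromise on its own.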


