"New Magecart Campaign Alters 404 Error Pages to Steal Shoppers' Credit Cards"

A Magecart campaign has been manipulating websites' default 404 error page to hide malicious code. According to Akamai, the activity targets Magento and WooCommerce websites, with some victims belonging to major food and retail companies. The malicious code snippet was injected into one of the victim websites' first-party resources. This involves directly inserting the code into the HTML pages or in one of the website's first-party scripts. The attacks are executed via a multi-stage chain in which the loader code retrieves the primary payload during runtime to capture and exfiltrate sensitive information visitors enter on checkout pages. This article continues to discuss findings and observations regarding the sophisticated Magecart campaign.

THN reports "New Magecart Campaign Alters 404 Error Pages to Steal Shoppers' Credit Cards"

Submitted by grigby1