Hackers Stealing Credit Card Info Via e-Commerce WordPress Sites

Share post:

Cybercriminals are now injecting credit card swipers on random plugins from e-commerce WordPress sites to carry out credit card theft.

The process begins with hacking into WordPress sites, while also injecting a backdoor into the site, which allows them to keep their access to the site even after installing updates.

After that, the cybercriminals go further and add their malicious code to random plugins.

Administrators should follow several steps to protect themselves against card snatchers, including limiting the wp-admin range to specific IP addresses only.

Once this step has been taken, the threat actors will not be able to access the site, even after stealing administrator cookies and injecting a backdoor.

In addition, administrators are advised to conduct integrity monitoring through the use of active server-side scanners to ensure that no code changes last too long before they are detected.

Organizations should also develop the habit of reading logs and looking deeply into the details.

For more information, read the original story in BleepingComputer.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Cyber Security Today, May 22, 2024 – LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more

LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more. Welcome to Cyber Security...

Google criticizes Microsoft’s security practices in new report

Google has publicly criticized Microsoft for a series of security missteps, suggesting that organizations might consider more secure...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways