E-commerce sites hacked in supply-chain attack
a year ago
- #e-commerce
- #cybersecurity
- #malware
- Hundreds of e-commerce sites, including one owned by a large multinational company, were infected with malware that steals payment card information and sensitive data from visitors' browsers.
- The malware resulted from a supply-chain attack that compromised at least three software providers, remaining dormant for six years before becoming active recently.
- At least 500 e-commerce sites were infected, with estimates suggesting the number could be double that.
- The attack allows remote code execution (RCE) on e-commerce servers, enabling attackers to run info-stealing code on visitors' machines.
- Compromised software providers include Tigren, Magesolution (MGS), and Meetanshi, all supplying Magento-based software. A fourth provider, Weltpixel, may also be affected.
- The malware is often used to inject skimming software (Magecart) that steals payment information from users' browsers.