Magento Web Skimmers Piggyback in Ongoing Costway Website Compromise
#1
Information 
Quote:Two web skimmers have been discovered on the payment webpages of Costway, one of the top retailers in North America and Europe, which sells appliances, furniture and more. The skimmers are targeting consumers’ credit-card payment details.
 
In a twist, researchers say one of these web skimmers is piggybacking on top of the other, to take over the fake forms that had previously been injected onto Costway’s site. The tactic gives the cybercriminals behind the piggybacking skimmer an easy way to harvest credit-card details – without doing the heavy lifting, said researchers.
 
The website under attack runs on the no-longer-maintained Magento 1 e-commerce software branch. Magento is an e-commerce platform for online merchants that’s built on open-source technology. Support for Magento 1 ended last June, with the thousands of retailers worldwide operating on the platform being urged to update to the more mobile-friendly Magento 2 iteration.

“A large number of Magento 1 sites have been hacked but yet are not necessarily being monetized,” said researchers with Malwarebytes on Tuesday. “Other threat actors that want access will undoubtedly attempt to inject their own malicious code. When that happens, we see criminals trying to access the same resources and sometimes fighting with one another.”

Read more: https://threatpost.com/magento-web-skimm...ay/163593/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes
26.7.2 Added supp...Kool — 03:40
WhatsApp Launches New Username Feature ...
WhatsApp Opens Usern...harlan4096 — 17:12
AnyDesk 9.7.9 for Windows
Version 9.7.9 for ...harlan4096 — 15:57
uBOLite 2026.705.2152 (already available...
uBOLite 2026.705.2...harlan4096 — 10:23
Microsoft Warns Windows 11 Enterprise De...
Microsoft has issu...harlan4096 — 10:22

[-]
Birthdays
Today's Birthdays
avatar (56)Step 1
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (40)ywixazok
avatar (38)ixoqe
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>