Online stored based on Magento hacked to steal card data, run cryptojacking scripts

Security researchers have identified 1000+ magento sites that have been hacked by hackers and infected them with malicious scripts which can be used to steal credit card data, deliver malware or run crypto mining scripts.

"The Magento sites are being compromised through brute-force attacks using common and known default Magento credentials," Flashpoint researchers say.

How the hacking took place ?

When users install magento they get a default credentials and in most of the cases brute force attack was sued to compromise the sites. Once attackers gain access to these sites, researchers say they've observed three main patterns of malicious activities.

The most common practice is to insert malicious code in Magento core files, code that logs payment card information entered inside the checkout process. Such malware is named a card scraper, and users should expect to find one on any e-commerce store that looks to have missed a few updates.

Second, attackers also deploy cryptojacking scripts that mine Monero on the computers of store visitors, a practice that has become quite common these days, across all sites, not just Magento stores.

Last but not least, hackers also use these compromised Magento stores to redirect some of the infected sites' visitors to malicious sites that attempt to trick users into downloading and installing malware on their computers. According to cases investigated by Flashpoint researchers, the most prevalent tactic was to redirect users to sites offering phony Adobe Flash Player update packages, which would infect users with the AZORult infostealers.

Everbuying - [ E-Commerce website review ]

Are you a shoppoholic ? And want to try out different outlets, then here is one for you. May not bet a shoppoholic, if you are a trend conscious person and want to keep it cool and global then is for you. Today is the era of online shopping. Today the e commerce services have largely replaced retailers because they provide a wide range of products at our finger tips. One can shop  any time anywhere 24x7.

Here we share with you a leading e commerce website which has great products and deals to offer to global targets.

Everbuying is a leading global online wholesale retail company. It operates in the international wholesale market. Its specialization is  in electronics and contemporary fashion. closely follows the very latest trends and developments in European and American fashion and has enjoyed years of continuous growth by faithfully serving a worldwide customer. The site has achieved customer satisfaction from over 200 countries since 2006.

 The site has more than 100,000 diverse product lines for the international market encompassing the very latest in top-quality products, such as the latest in cheap Android cell phones, cheap Android tablets, cheap car DVD players, cheap LED lighting, all kinds of cool electronic gadgets, cheap dresses, affordable fashion wedding dresses, cosplay costumes, outdoor equipment and many more great products. 

It provides a detailed description of each and every product so that the customers can decide well which product to go for. The site also comes up with lots of exciting offers on sales and discounts. The site also provides a variety of shipping and payment method in order to facilitate customers from all over the world.