The number of credit card skimmers targeting WooCommerce websites has skyrocketed over the past year, and threat actors have become increasingly creative in the different ways they obfuscate their payloads to avoid traditional detection.

During a recent investigation of an infected WordPress website, we discovered an obfuscated credit card stealer hiding among the website’s theme files, which was exfiltrating stolen credit card details from the WooCommerce plugin.

Let’s dive into how we identified the skimmer and analyze its malicious behavior.

