Vulnerable Plugin Exploited in Spam Redirect Campaign

Some weeks ago a critical unauthenticated privilege escalation vulnerability was discovered in old, unpatched versions of the wp-user-avatar plugin. The vulnerability also allows arbitrary file uploads, which is where we have been seeing the infections start. This plugin has over 400,000 installations, so we have seen a sustained campaign to infect sites that have it installed. In this post I will review a common infection seen as a result of this vulnerability in the wp-user-avatar plugin.

Continue reading Vulnerable Plugin Exploited in Spam Redirect Campaign at Sucuri Blog.

An Overview of Basic WordPress Hardening

We have discussed in the past how out-of-the-box security configurations tend to not be very secure. This is usually true for all software and WordPress is no exception.

While there is a plethora of different ways that site owners can lock down their website, in this post we are going to review the most basic hardening mechanisms that WordPress website owners can employ to improve their security. We will also review the pros and cons of these different tactics.

Continue reading An Overview of Basic WordPress Hardening at Sucuri Blog.

Magecart Swiper Uses Unorthodox Concatenation

MageCart is the name given to the roughly one dozen groups of cyber criminals targeting e-commerce websites with the goal of stealing credit card numbers and selling them on the black market. They remain an ever-growing threat to website owners. We’ve said many times on this blog that the attackers are constantly using new techniques to evade detection. In this post I will go over a case involving one such MageCart group.

A Hacked Magento Website

Some time ago a client of ours came to us with a heavily infected Magento e-commerce website from which credit card details were being stolen.

Continue reading Magecart Swiper Uses Unorthodox Concatenation at Sucuri Blog.

Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 2

In my previous post about ecommerce credit card swipers I gave a general overview of the online ecommerce environment as well as some of the reasons why websites become compromised with this type of malware. In this post I will go into more detail on the taxonomy of web-based credit card swipers, and review some good online resources on vulnerabilities as well as some steps to protect yourself, your website and your customers.

Different Types of Swipers

Now that we have reviewed the broader ecommerce web environment in the previous post, let’s take a look at some actual swipers and the different “flavours” that they come in.

Continue reading Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 2 at Sucuri Blog.

Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 1

Many clients that we work with host and operate ecommerce websites, which are frequent targets of attackers. The goal of these attacks is to steal credit card details from unsuspecting victims and sell them on the black market for a profit. The online ecommerce environment is diverse, comprising many different content management system (CMS) platforms and payment gateways, all of which have their own features and risks.

In this post I will attempt to demystify this cluttered environment and provide some context for the different attack vectors and the reasons customers' credit card details become compromised.

Continue reading Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 1 at Sucuri Blog.
