ANTD.VN – citing from Security Online, WhiteHat said that there are Skimmer malicious code and backdoor stealing credit cards targeting WordPress users.
 |
| Businesses need to protect customer information to avoid being attacked |
Network criminals are increasingly sophisticated when using tactics targeting e -commerce websites like WordPress. This attack includes a credit card skimmer, a backdoor that manages hidden files and a toxic reconnaissance.
The attack is specially designed for websites using WooCommerce, showing a clear focus on e -commerce platforms.
Experts say that this is a multi -dimensional attack, just targeting financial benefits (stealing card information) and for the purpose of controlling the site for a long time. Simply put, this is a complex type of cyber attack, not only stealing money but also maintaining the control of the system was attacked.
This malicious code is related to toxic IP addresses 104.194.151.47 and 185.247.224.241, and the toxic regions[.]com and imageinthebox[.]com, now the researchers have included in the blacklist.
The report shows that the attack is likely to be carried out by a financial criminal group, with the goal of gaining profits by collecting credit card data, maintaining continuous access to the server for long -term exploitation and using the server that is attacked as a springboard for the next attack.
Such malicious attacks can cause consequences such as financial losses for both businesses and customers; Reputation damage, loss of customer trust; Violating PCI standards, which may lead to penalties and legal responsibilities;
Lost website control, allowing hackers to continue exploiting data; SEO damage, reducing the ability to display site on search engines.
To protect the website from similar attacks, administrators should regularly check the source code and system file to detect abnormal signs; Update WordPress, plugin and topic on the latest version.
At the same time, set a web application firewall (WAF) to block toxic requirements; Monitor network traffic to detect suspicious data access behaviors; Periodically back up data to ensure the website can be restored when necessary.
The increasingly sophisticated cyber attacks, especially in the field of e -commerce. To minimize risks, businesses need to actively increase security, monitor the system regularly and apply preventive measures to protect customer data as well as ensure stable operation.
WordPress,monopoly
