
SoylentNews is people

posted by takyon on Monday June 29 2015, @11:03AM
from the magneto-immune dept.

A Register story:

[Security] infosec researcher Peter Gramantik says carders are exploiting an unknown vulnerability to steal billing information from e-commerce sites that use eBay's Magento platform. Gramantik found an attack script that plunders POST data and identifies valuable payment data before storing it as an encrypted image file. He says attackers appear to be exploiting a vulnerability in Magento core and demonstrate a strong understanding of the way the platform works.

A quarter of all Alexa top one million e-commerce sites are said to use Magento, making it a valuable target for attackers.

"It seems though that the attacker is exploiting a vulnerability in Magento core or some widely used module/extension," Gramantik says. "Using this vector, the attacker is able to inject malicious code into the Magento core file ... the attacker gets the content of every POST request. The sad part is that you won't know it's affecting you until it's too late, in the worst cases it won't become apparent until they appear on your bank statements."

Gramantik says the inclusion of a public key variable indicates the attacker is likely behind a family of credit card stealers.


  • (Score: 0) by Anonymous Coward on Monday June 29 2015, @01:49PM (#202793)

    > nothing quite induces a "I don't want to be involved" situation quite like paypal.

    Must be why ebay is so eager to get away from paypal. [cnet.com]