WordPress Plugin Used to Exploit and Steal Credit Card Data From E-commerce Site

WooEcommerce

According to Security Affairs, WooCommerce e-stores have fallen victim to e-skimmers, designed to steal credit card details through an attack campaign exploiting Dessky Snippets, a lesser-known WordPress plugin allowing custom PHP code insertions.

Despite its limited visibility with just over 200 installations, Dessky Snippets has become a target for cybercriminals.

The malware injected into these sites includes a deceitful function, which establishes a connection with WooCommerce’s billing form.

WooEcommerce

This function alters the form to incorporate additional fields, enabling the capture of credit card information early in the transaction process.

Additionally, a concealed credit card skimmer with POST data tracking capabilities has been identified. It operates by monitoring certain parameters and triggering the exfiltration of billing and credit card data upon detection.

Researchers at Sucuri have noted that the attackers have taken steps to avoid detection, such as deactivating auto-fill in the fraudulent checkout form. This maneuver adds another layer of camouflage to their illicit activities.

WooEcommerce

To combat these threats effectively, organizations are advised to adopt several measures.

These include keeping software updated with the latest patches, staying vigilant against emerging threats, integrating only trusted scripts, and implementing robust security measures such as strong passwords, firewalls, and a content security policy.

These proactive steps are crucial in safeguarding e-commerce sites against cyberattacks.

Nate O'Hara
Nathan is a seasoned commerce writer with a passion for unraveling the intricacies of the business world and distilling them into engaging narratives. During his academic journey, he delved deep into subjects like economics, marketing, and entrepreneurship, honing his analytical skills and developing a keen understanding of market dynamics.