Shopping cart malware, known as Magecart, is once again making headlines while plying its criminality across numerous ecommerce sites. Its name is in dishonor of two things: shopping carts and, more specifically, those that make use of the open-source ecommerce platform Magento. Magecart malware compromises shopping carts in such a way that credit card data collected by the cart is transmitted to cybercriminals, who in turn resell this information to other bad actors. In my blog for Avast, I review some of the more notable attacks over the past several years and catalog the confluence of trends that have made Magecart a popular threat vector.
In addition to some suggestions on how you can strengthen your ecommerce storefront, here are a few other tips to try to prevent this from happening to your website:
- Use this browser-based tool from Trustwave to check if your site has been compromised, along with other tips listed in the blog post to help you investigate your web storefront code.
- Use isolation tools such as this one from SourceDefense to better control access rules and prevent malicious script injections.
- Finally, whatever website server software you use, make sure you apply updates as soon as possible. Magento users who were compromised by early attackers had delayed these updates; the attackers found the outdated versions and took advantage of them. The software vendor lists current patches and also has a free vulnerability scanning tool.