CyberSecurity news


Pierluigi Paganini@securityaffairs.com - 18d
Hackers are exploiting Google Tag Manager (GTM) to deploy credit card skimmers on Magento-based e-commerce websites. According to reports from The Hacker News, Sucuri, and CISO2CISO, malicious actors are leveraging GTM to deliver malware that targets sensitive payment data. The attack involves injecting code that appears to be a standard GTM or Google Analytics script but contains an obfuscated backdoor. This allows the attackers to gain persistent access to the websites.

Sucuri's investigation into a customer's Magento site revealed that credit card details were being stolen via a skimmer loaded from the cms_block.content database table. The GTM tag contained encoded JavaScript designed to collect and transmit sensitive user data entered during the checkout process to a remote server controlled by the attackers. This highlights the importance of securing third-party integrations and regularly monitoring website files for any suspicious code.
Original img attribution: https://securityaffairs.com/wp-content/uploads/2025/02/image-16.png
ImgSrc: securityaffairs
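
A defender-side check for the pattern described above, as an added example that is not from Sucuri or the cited articles: it scans rows read from cms_block for GTM container IDs missing from the site's approved list and for inline scripts carrying encoded content. The function name, the approved ID, the marker list, the block_id column and the sample rows are assumptions constructed for illustration.

```python
import re

# GTM container IDs look like GTM-XXXXXXX and appear in the loader snippet.
GTM_ID = re.compile(r"\bGTM-[A-Z0-9]{4,12}\b")
SCRIPT = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
# Heuristic markers of encoded/obfuscated inline JavaScript (assumed list, tune per site).
OBFUSCATION = re.compile(
    r"\b(?:atob|eval|unescape)\s*\(|String\.fromCharCode|\\x[0-9a-f]{2}", re.I)
LONG_BLOB = re.compile(r"[A-Za-z0-9+/=]{120,}")  # long base64-like run

def audit_cms_blocks(rows, approved_ids):
    """rows: iterable of (block_id, content), e.g. read from the cms_block table.
    Returns (block_id, reason) findings that need manual review."""
    findings = []
    for block_id, content in rows:
        content = content or ""
        # Any container ID the site owner did not create is suspect.
        for gtm_id in sorted(set(GTM_ID.findall(content))):
            if gtm_id not in approved_ids:
                findings.append((block_id, f"unapproved GTM container {gtm_id}"))
        # Inline scripts in CMS content should not need decoding primitives.
        for body in SCRIPT.findall(content):
            if OBFUSCATION.search(body) or LONG_BLOB.search(body):
                findings.append((block_id, "inline script with encoded/obfuscated content"))
                break
    return findings

# Constructed sample rows; container IDs are placeholders, not real indicators.
LOADER = ("<script>(function(w,d,s,l,i){w[l]=w[l]||[];})"
          "(window,document,'script','dataLayer','%s');</script>")
SAMPLE_ROWS = [
    (1, "<p>Free shipping on orders over $50</p>"),
    (2, LOADER % "GTM-SHOP001"),   # the store's own container
    (3, LOADER % "GTM-ZZZZ999"),   # container nobody on the team created
    (4, "<script>var p = atob('Y29uc3RydWN0ZWQ=');</script>"),  # benign, constructed
]

if __name__ == "__main__":
    for block_id, reason in audit_cms_blocks(SAMPLE_ROWS, {"GTM-SHOP001"}):
        print(f"cms_block {block_id}: {reason}")
```

Findings are leads for review, not verdicts: a legitimate block can contain `atob`, and an approved container can itself be modified to serve malicious tags, so the container's tag list in GTM needs the same review.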



References:
  • Sucuri Blog: Sucuri warns of credit card data theft from website.
  • ciso2ciso.com: Hackers Exploit Google Tag Manager
  • The Hacker News: The Hacker News reports on hackers exploiting Google Tag Manager to deploy credit card skimmers.
  • Sucuri: Title is straightforward: Sucuri warns of credit card data theft from a customer's Magento-based eCommerce website. The credit card skimmer malware is delivered by leveraging Google Tag Manager (GTM). GTM is a free tool from Google that allows website owners to manage and deploy marketing tags on their website without needing to modify the site’s code directly.
  • ciso2ciso.com: Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores – Source:thehackernews.com
  • securityaffairs.com: Sucuri researchers observed threat actors leveraging Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores.
  • Security Intelligence: Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites.
  • www.scworld.com: Magento stores compromised with Google Tag Manager skimmer
  • gbhackers.com: Information on hackers exploiting Google Tag Manager to steal credit card data from e-commerce sites.
  • securityonline.info: SecurityOnline article on hackers exploiting Google Tag Manager.
  • gbhackers.com: Hackers Exploiting Google Tag Managers to Steal Credit Card from eCommerce Sites
  • securityonline.info: Hackers Exploit Google Tag Manager to Steal Credit Card Data from Magento Sites
  • Sucuri Blog: Recently, we had a client come to us concerned that their website was infected with credit card stealing malware, often referred to as MageCart. Their website was running on Magento, a popular eCommerce content management system that skilled attackers often target to steal as many credit card numbers as possible.
  • Search Engine Journal: Hackers Use Google Tag Manager to Steal Credit Card Numbers
  • www.searchenginejournal.com: Hackers Use Google Tag Manager to Steal Credit Card Numbers
Classification:
  • HashTags: #GTM #CreditCardskimmer #EcommerceSecurity
  • Company: Google
  • Target: Magento e-commerce websites
  • Product: Google Tag Manager
  • Feature: Google Tag Manager
  • Malware: Credit card skimmer
  • Type: Malware
  • Severity: Major