216.73.216.133

Credit Card Skimmer and Backdoor on WordPress E-commerce Site

· Published 15/03/2025 07:22 · Modified 17/03/2025 10:08

Export JSON

Essential information

Published
15/03/2025 07:22
Modified
17/03/2025 10:08
Tags
2025-03-15 backdoor credit card skimmer e-commerce javascript obfuscation php reconnaissance woocommerce wordpress
Related entities
13 techniques (mitre), 1 others

Description

A sophisticated malware attack targeting sites was discovered, involving multiple components: a , a hidden file manager, and a script. The attack focused on financial gain and long-term control. The skimmer, injected into the checkout page, collected payment and billing information, sending it to a malicious server. A allowed remote system command execution, while a script gathered server information. The attack demonstrates the evolving complexity of platform threats, emphasizing the need for strict security measures, regular scans, proper access controls, and timely updates to prevent such exploits.

External references