The Clearsale Blog

What You Need to Know About the MagentoCore Card Skimmer

What You Need to Know About the MagentoCore Card Skimmer

In the six months ending September 2018, the MagentoCore card skimmer malware has infected more than 7,000 e-commerce sites, with an estimated 50-60 sites still being hijacked daily. And it’s not just big sites that are at risk, either. The malware targets online business of all sizes.

Because this malware is considered to be one of the most effective credit card threats in the e-commerce marketplace today, every online merchant should know how this threat works and how they can protect themselves.

The fact that even small sites are targets is part of what makes this malware so deadly. Sure, it makes sense for fraudsters to hit the multimillion-dollar corporations hard and walk away with high-value wins.  But small online retailers are also at risk right now, and they might even end up with proportionally bigger losses.

This is because these smaller retailers often inaccurately believe they’re too small to be targets and therefore fraudsters won’t waste the time and effort on them. Unfortunately, that’s precisely what makes these small businesses targets: Fraudsters know they have fewer resources to dedicate to hiring robust fraud prevention teams and implementing the latest security features.

How the MagentoCore Card Skimmer Affects Merchants

The attack starts when a cybercriminal gains access to the content management system (CMS) an e-commerce merchant is running on their website. Attackers can also gain access through another computer that’s already infected.

The fraudster then hides the malicious MagentoCore.net JavaScript code in several places within the HTML template, such as the default HTML headers and footers or hidden JavaScript files.

Once the code is inserted and launched, it tests millions of common and default passwords on customers’ accounts, looking to find ones that work. These cybercriminals are patient -- willing to wait months until they hit that right combination and can access a customer’s sensitive personal data.

The cybercriminals can also access this personal information by using the script to record customer keystrokes and payment card data for customers and upload it to the MagentoCore.net server.

In either case, the hackers monetize the stolen card data, selling it on the dark web for up to $30 per card.

How Merchants Can Protect Themselves Against MagentoCore Malware

While the primary targets are currently Magento-run e-commerce stores, the threat may also extend to WooCommerce retailers. And other platforms could be at risk, too.

So while the risk is widespread and ongoing, it doesn’t mean merchants can’t protect themselves.

All merchants – but especially those using either Magento or WooCommerce -- should regularly audit their CMS and check for maliciously inserted code in headers, footers and database fields. However, even if the fraudulent code is detected and removed, that doesn’t mean everything is fine.

Cybercriminals often insert backdoors into infected systems. To safeguard against this, all online retailers should maintain a certified safe copy of their codebase. Once an infection is detected and eliminated, the merchant can then revert back to this previous copy that does not have the backdoor. Merchants should also ensure they’re staying up-to-date on all security patches. They should also run a reputable malware scanner and regularly scan their sites for vulnerabilities and malware.

Partnering with ClearSale, the global leader in e-commerce fraud protection solutions, can help. Our unique combination of machine learning technology and specialized human analysis prevents fraudulent purchases from being accepted. Our solution easily integrates directly with your WooCommerce and Magento stores.

Not sure if our card-not-present (CNP) fraud protection solution is right for you? Read our guide for evaluating CNP solutions and learn why more than 3,000 clients worldwide trust us to deliver a safe, secure buying experience.

 

You may also like

[Industry Focus] Fraud Risk Profile for Nutraceutical and Drug Retailers

[Industry Focus] Fraud Risk Profile for Nutraceutical and Drug Retailers

As people become more conscious of what they’re putting into their bodies, there’s been an increased demand for high-quality supplements and healthful food and beverages. The result has been a..

3 Ways Tech Can Benefit Remote Teams

3 Ways Tech Can Benefit Remote Teams

Ecommerce businesses are used to an ever-evolving digital connection between them and their customers. But 2020’s COVID-19 pandemic has resulted in that digital connection making its way into the..

Shopping Habits by Gender: What’s Changed in 2020

Shopping Habits by Gender: What’s Changed in 2020

Do men hate shopping online? Are women more worried about fraud?

How Management Should Contribute to Fraud Protection

How Management Should Contribute to Fraud Protection

As companies grow, management often delegates business-critical tasks—marketing, technology, fraud prevention—to different departments. While it might seem to be an efficient way to get things..

“I Don’t Need Fraud Protection — My Business Isn’t at Risk!”

“I Don’t Need Fraud Protection — My Business Isn’t at Risk!”

As an e-commerce merchant, you know the risk of fraud, false declines and chargebacks. But maybe you think it won’t happen to you because you’re a relatively new — or small — e-commerce merchant,..

How Backtesting Can Improve Fraud Prevention

How Backtesting Can Improve Fraud Prevention

They say hindsight is 20/20, and that’s especially true for e-commerce merchants looking to increase their approval rates and decrease fraudulent transactions. It’s easy to look back at..

Is Fraud Risk Scaring You Away From International Shipping?

Is Fraud Risk Scaring You Away From International Shipping?

With cross-border shopping estimated to make up 20% of e-commerce in 2022, many merchants are right to consider expanding into other countries. So what’s stopping them from pulling the trigger?

Preparing Your E-Commerce Store for the Holiday Season

Preparing Your E-Commerce Store for the Holiday Season

It might still be summer on the calendar, but the holiday shopping season is just around the corner.  Are you ready?

Impact Analysis: Declined Transactions vs. Fraudulent Transactions

Impact Analysis: Declined Transactions vs. Fraudulent Transactions

Selling products and services online offers great opportunities for merchants, but it’s not without risk. Savvy cybercriminals use stolen personal data to defraud merchants, and sometimes, a..

Want to write
for our blog?

Please review our writers' guidelines
https://www2.clear.sale/press/clearsale-guest-blog-guidelines
and then email guestwriter@clear.sale with your pitch!

Subscribe to our blog