Categories: FinanceNews

Criminals Embed Credit Card Loggers In E-Commerce Product Images

Steganography is a powerful tool which allows anyone to hide specific information in images. Magento users may want to pay specific attention to configuring their site, as assailants will use their media library to embedded credit card swipers in sites. For anyone running an e-commerce platform, this is a major security concern.

Criminals Once Again Use Steganography For Malicious Purposes

The art of steganography is often underestimated, even though it offers a lot of potential. By using this technology anyone in the world can hide information within public images. A hidden message or specific code are often hidden with steganography.  Criminals, though, are taking things to the next level, by looking to record credit card information using images on e-commerce websites.

These credit card scrapers consist of bits of malicious code which are embedded in logos or product images. This code will auto-execute whenever the image is loaded and collect credit card numbers as well as login details. Anyone running an e-commerce shop on the Magento CDN platform is more susceptible to these attacks for some reason.

What is rather interesting is how the recorded credit card information could be stored in images where they are hidden in plain sight. One such image was recently uncovered in the wild, which means attackers don’t need to access the backend of an e-commerce platform in order to retrieve the recorded information.



Related Post

To make matters worse, most e-commerce site owners wouldn’t even notice that something malicious is going on. The images work and load just as expected, and on the surface there is nothing wrong with them. To determine whether or not the images are legitimate, one would have to look at the source code of the image file itself.

In this day and age, malware can be found around every corner of the Internet. Unfortunately, that also means that malicious code is embedded within images on sites that are absolutely legitimate. One simply can’t trust any image on the Internet anymore, as it may be using steganography to hide code that logs sensitive user information .

Keeping in mind how over 240,000 e-commerce stores around the world use the Magento platform, this malware threat should be taken very seriously. Not too long ago, Magento sites were subject to the KincilWare ransomware, which would encrypt website files. It seems criminals are purposefully targeting this platform because of   its security flaws, which is not a positive sign for the future.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

WIF Set to Overtake BONK? Lunex Soars with 100x Potential in Altcoin Season

As altcoin season heats up, all eyes are on the rising stars—especially Lunex, which is…

2 hours ago

Binance Coin Price Dips: BNB Holders Rush To Lunex Presale To Hedge Their Long Positions

While the broader market witnessed a notable upward movement, Binance Coin (BNB) experienced a decline…

2 hours ago

Crypto Stalwarts Forecasted 800% Growth in Innovative Projects: VeChain, Rollblock and Polkadot!

This blazing crypto bull run has investors looking for the next top altcoins set to…

2 hours ago

Dogecoin Price Set To Recreate 36,000% Rally From 2021 After Pennant Formation

The Dogecoin price is back in the limelight, captivating the crypto world with its recent…

3 hours ago

Is XRP About to Explode? How Trump’s Victory Is Affecting XRP Price Amidst JetBolt Growth

Ripple’s XRP showed a 68% price increase in the last 7 days following Trump's victory,…

3 hours ago

Ethereum Down While Bitcoin, Solana, and JetBolt Skyrocket In End November 2024

Ethereum stumbles as Bitcoin surges past $97K, Solana eyes new highs, and JetBolt’s presale shakes…

6 hours ago