Google system abused by hackers to hijack ecommerce stores

Sucuri finds credit card skimmer in Magento-powered ecommerce site
The skimmer was hiding within Google Tag Manager
At least six websites were compromised, experts warned

Cybercriminals were exploiting the Google Tag Manager (GTM) to hide malware in Magento-powered ecommerce sites and steal payment information from customers, experts have claimed.

Researchers at Sucuri claim to have recently observed one such attack in the wild, explaining that a customer reached out for help after experiencing credit card data theft from their Magento-based ecommerce website.

The analysts traced the attack back to a malicious script embedded within Google Tag Manager, which appeared to be a legitimate tracking tool but was actually designed to skim sensitive data. Google Tag Manager is a free tool from Google that allows website owners and marketers to easily manage and deploy tracking codes (tags) on their website without directly modifying the site’s code.

Abused in the wild

The attackers obfuscated the script, making it difficult to detect, and used it to capture payment details from the checkout page before sending them to a remote server.

Sucuri also found a backdoor that granted the attackers persistent access. At least six websites were found to be infected with the same GTM ID, and one of the domains used in the attack, eurowebmonitortool [dot] com, has now been blacklisted by most security companies.

Using the Google Tag Manager to deliver malware isn’t a novelty. The researchers said they covered the technique last year, adding that the new infection indicates the tactic “still being widely used” in the wild. Magento, due to its popularity among ecommerce site owners, is a huge target for cybercriminals. Payment information is also quite valuable for cybercriminals, since they can use it to purchase malicious goods, pay for malvertising campaigns, and more.

To remediate the attack, website admins should remove any suspicious GTM tags, perform a full website scan, make sure both Magento and other extensions are updated, and regularly monitor site traffic and GTM for any unusual activity, Sucuri suggests.

https://cdn.mos.cms.futurecdn.net/5iMjYGEQQyaqdY6MhPo4u9-1200-80.jpg

Source link

Volkswagen teases new EV that’s set to become the cheapest it’s ever made

NYT Connections hints and answers for Thursday, February 13 (game #613)

NYT Strands hints and answers for Thursday, February 13 (game #347)

Quordle hints and answers for Thursday, February 13 (game #1116)

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

Which Celebrity Styles Americans Copy Most in 2025: New Study

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

Dynex Capital, Inc. Declares Monthly Common Stock Dividend of $.15

GSK INVESTOR ALERT: Bronstein, Gewirtz & Grossman LLC Announces that GSK plc Investors with Substantial Losses Have Opportunity to Lead Class Action Lawsuit

Laird Superfood to Report Fourth Quarter and Fiscal Year 2024 Financial Results on February 26, 2025

California wildfires raise alarm on water-guzzling AI like ChatGPT

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Google system abused by hackers to hijack ecommerce stores

Dynex Capital, Inc. Declares Monthly Common Stock Dividend of $.15

GSK INVESTOR ALERT: Bronstein, Gewirtz & Grossman LLC Announces that GSK plc Investors with Substantial Losses Have Opportunity to Lead Class Action Lawsuit

Laird Superfood to Report Fourth Quarter and Fiscal Year 2024 Financial Results on February 26, 2025

Volkswagen teases new EV that’s set to become the cheapest it’s ever made

Leave a reply Cancel reply