A tremendous 7,339 (and counting) private e-commerce websites have actually been plagued with the MagentoCore.net payment-card skimmer in the last 6 months, making the malicious script one of the most effective credit-card threats out there. The infections become part of a single effort, all tied back to one well-resourced group with international reach.
“My advice to store owners is to periodically check for unauthorized code in headers, footers and database fields,”de Groot told Threatpost. “When discovered, an extensive investigation must be performed, due to the fact that hackers generally sprinkle their hijacked systems with backdoors. Variation control [i.e., going back to a certified safe copy of the codebase] and a good malware scanner are really beneficial. “