Magento 2 PHP Credit Card Skimmer Saves to JPG
Bad actors often leverage creative techniques to conceal malicious behaviour and harvest sensitive information from ecommerce websites.
A recent investigation for a compromised Magento 2 website revealed a malicious injection that was capturing POST request data from site visitors. Located on the checkout page, it was found to encode captured data before saving it to a .JPG file.
Malicious Injection Behavior
The following PHP code was found injected to the file ./vendor/magento/module-customer/Model/Session.php.
Continue reading Magento 2 PHP Credit Card Skimmer Saves to JPG at Sucuri Blog.
Read more: Magento 2 PHP Credit Card Skimmer Saves to JPG
Story added 10. March 2021, content source with full text you can find at link above.