There are many threats that can put our data at risk when browsing the Internet. It is something that can affect personal information, passwords or banking details. In this article, we report on a threat that can compromise bank card data when visiting web pages. The attackers are taking advantage of a WordPress plugin to launch the attacks. We are going to give you some tips to protect yourself.
What exactly they do is inject malware into websites through that WordPress plugin. It targets online stores, with the aim of stealing users’ bank card data. These pages may be trustworthy, but hackers are going to exploit them to sneak in malware and steal.
Bank card data theft
Specifically, cybercriminals could use malicious PHP injections. They take advantage of a plugin called Desky Snippets which is available for WordPress. It’s not too popular, so it only has a few hundred installations. Perhaps this is what has caused the problem to go unnoticed and attackers can exploit it.
This attack was identified after reports of stolen bank cards surfaced, which led to an in-depth investigation. In this way, cybersecurity analyst Conrado Torquato discovered what the common link of this problem was. It was this plugin, not very well known, that caused data to be stolen.
According to him, the malicious code was hidden under several blank lines within the code of that WordPress plugin. This made it more complicated for those responsible for that website to detect it. It went unnoticed and they could steal bank card details without attracting attention.
What this malicious code does is modify the billing form during the payment process. It adds new fields and thus captures the bank card details and sends them to a URL controlled by the attackers. Use techniques to avoid raising suspicions and thus not be detected.
One of those measures to avoid raising suspicions is to configure the overlapping payment fields by disabling autocomplete. In this way, they managed to ensure that the browsers did not warn the victim that they were entering confidential information and that they simply appeared to be legitimate fields.
How to protect yourself
In this case, it is an attack that directly affects web pages. Therefore, it is the administrators of those sites who are responsible for correcting the problem. They need to ensure that they install reliable WordPress plugins and always have them properly updated to fix any vulnerabilities.
As a private user, what we recommend is that you always take precautions when paying online. A good idea is to use a card that you only use for those online payments. You can recharge it only with an amount that you will need and, in the event of an attack, the damage will be limited.
We also recommend that you have everything updated, such as the browser, the operating system or any application you use. It will help you avoid security flaws. In addition, having a good antivirus will help detect threats and eliminate them before they can affect you.
In short, if you buy online it is essential to take care of the information you give. Check very carefully where you are putting the data, protect your device and use a secondary card to avoid problems. You should always check if the website is reliable to buy.
