Summary: Cybersecurity researchers have identified a new malware campaign, MageCart, targeting e-commerce sites on the Magento platform by embedding malicious scripts within image tags in HTML code. The malware aims to steal sensitive payment information during the checkout process while evading detection by common security measures. This sophisticated approach helps the attackers remain undetected by disguising harmful code and dynamically injecting fake forms.
Affected: E-commerce sites using Magento platform
Keypoints :
- MageCart malware conceals its code within image tags, making it difficult to detect.
- The attack triggers malicious JavaScript through an onerror event when an image fails to load.
- Attackers exploit HTML elements considered innocuous to capture sensitive payment information, particularly during checkout.
- Additionally, vulnerabilities in other platforms, like the mu-plugins directory in WordPress, enable attackers to implant backdoors for ongoing access.
Source: https://thehackernews.com/2025/02/cybercriminals-exploit-onerror-event-in.html