Scottsdale, AZ – November 14, 2016: With attacks that are now compromising online shops to scan credit card information, it seems as though encryption might not be the answer to keeping network data safe, says Jupiter Support senior tech analyst Vinay Patel.
This was brought to light after a Dutch researcher reported that almost 6,000 online shops, most of them built with the Magento content management system, have malicious code that intercepts and steals payment card data during online transactions. Among the websites was the online storefront of the U.S. National Republican Senatorial Committee (NRSC).
His research also showed that in many cases these compromises go undetected for up to a year. This has to do with the poor understanding of the problem by webmasters who believe that if their sites use HTTPS or a third-party payment processor the customer data is safe.
Upon investigation by web security firm Sucuri of a shop compromise that wasn’t detected by automated scans, it was detected that one of the site’s core files, called Cc.php, had recently been modified.
Malicious code was found to be designed to steal payment card data and stored inside an image file. “This technique of hiding data inside files with non-suspecting extensions, such as image files, is not new and is intended to avoid detection,” said Patel.
“To obtain the stolen numbers, the attacker would not even have to maintain access to the site,” Sucuri researcher Ben Martin said in a blog post. “The image was publicly accessible. All the attacker would need to do is download the image from the website just like any other and view its source code.”
For more information on how to safely shop online, visit www.jupitersupport.com