Server Side Credit Card Skimmer Lodged in Obscure Plugin


Attackers are increasingly using obscure methods to inject malware into websites, with a recent case involving the use of the obscure PHP snippet plugin, Dessky Snippets, to install server-side malware and harvest credit card details from a WooCommerce store. The incident was flagged by reports of stolen credit card information, prompting a deeper investigation by analyst Conrado Torquato. Attackers often exploit WordPress plugins that allow code manipulation, such as WordPress File Manager, WPCode, and Simple Custom CSS and JS. In this instance, the attackers leveraged Dessky Snippets, a rarely used plugin with only a few hundred active installations, to carry out their malicious activities.

Read More…