When running a security scan on an e-commerce store I saw that the site had been hacked and credit card data was sent to the hacker’s website.

I’ve included an explanation of the script and what it is doing. If you find this script on your website or any other script that you didn’t add then you should immediately remove it.

malicious script added to ecommerce website

The hacker script is the script tag with the url:

https://www.web-rank.cc/media/cookie.js

This script was added to the footer of the page and executes on every page on the website.

I’ve annotated the script below:

Part 1:

Part 2:

The script first checks if the page loaded is a payment page. If so, it executes the send() method that listens for form submits.

When a form is submitted it captures all the form data and sends it to the hacker’s website.

The form data is encoded but it’s easy to decode. Here is the decoded data:

As you can see, the script has captured the billing address and credit card information from the form and successfully sent it to the hacker’s website (I put in test data so no harm was done).

Hacked websites on the rise

In March 2015 Google reported that 17 million websites had malicious software installed and were trying to steal visitors information.

In March 2016 the number had increased to 50 million.

Disastrous for your reputation if this happens to your website

If you find this script on your e-commerce site you should immediately remove it.

Of course, the damage has been done. Not only to your customers whose credit card details have been stolen but to your reputation.

If you don’t know how to properly secure your e-commerce website seek professional help.

The cost of protecting your website from hackers is nothing in comparison to the loss of reputation when your website is hacked.

If you sell online only it could mean the end of your business. Hacking attempts are increasing, especially against e-commerce sites. Make sure your e-commerce website is safe.

Source: Hacked websites on the rise: Google (March 2017)

Pin It on Pinterest

Share This

Share this post with your friends!