Unveiling the Latest Magecart Attacks: Malicious WordPress Plugin Threatens Credit Card Security

A surge in Magecart attacks has been identified that relies on a malicious WordPress plugin. The plugin not only enables the creation of fraudulent admin users but also poses a significant threat to the security of credit card information on e-commerce websites, as detailed by The Hacker News.

The Unsettling Tactics

Deployment and Concealment

The malicious WordPress plugin, masquerading as “WordPress Cache Addons,” gets onto a site through compromised admin user accounts or by exploiting vulnerabilities in existing plugins. Once installed, it copies itself to the must-use plugins directory (mu-plugins), which helps it evade detection.
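Because the plugin hides in mu-plugins, auditing that directory against a known-good baseline is a direct check for it. The following is an added example, not code from Sucuri or The Hacker News: the function names, the baseline format (relative path mapped to SHA-256) and the sample files are assumptions made for illustration. A display-name match alone is weak, since the name can be changed, so any file missing from the baseline is flagged as well.

```python
import hashlib
import re
import tempfile
from pathlib import Path

HEADER_BYTES = 8192  # WordPress reads plugin headers from the first 8 KiB
NAME_RE = re.compile(rb"^[ \t/*#@]*Plugin Name:(.*)$", re.I | re.M)
REPORTED_NAME = "wordpress cache addons"  # display name reported on this page


def audit_mu_plugins(wp_root, baseline):
    """Classify every PHP file under wp-content/mu-plugins.

    baseline (assumption): relative path -> SHA-256 recorded by the site
    owner after a known-good deploy.
    """
    mu_dir = Path(wp_root) / "wp-content" / "mu-plugins"
    findings = []
    if not mu_dir.is_dir():
        return findings
    for path in sorted(mu_dir.rglob("*.php")):
        data = path.read_bytes()
        rel = path.relative_to(mu_dir).as_posix()
        digest = hashlib.sha256(data).hexdigest()
        m = NAME_RE.search(data[:HEADER_BYTES])
        raw = re.sub(rb"\s*(\*/|\?>).*", b"", m.group(1)) if m else b""
        name = raw.decode("utf-8", "replace").strip()
        if name.lower() == REPORTED_NAME:
            status = "reported-name"
        elif rel not in baseline:
            status = "unexpected"
        elif baseline[rel] != digest:
            status = "modified"
        else:
            status = "ok"
        findings.append({"file": rel, "name": name, "sha256": digest, "status": status})
    return findings


def demo():
    """Audit a constructed WordPress tree (sample files are made up)."""
    with tempfile.TemporaryDirectory() as root:
        mu = Path(root) / "wp-content" / "mu-plugins"
        mu.mkdir(parents=True)
        good = b"<?php\n/* Plugin Name: Site Tweaks */\n"
        (mu / "site-tweaks.php").write_bytes(good)
        (mu / "cache.php").write_bytes(b"<?php\n/*\n * Plugin Name: WordPress Cache Addons\n */\n")
        (mu / "loader.php").write_bytes(b"<?php // no plugin header\n")
        return audit_mu_plugins(root, {"site-tweaks.php": hashlib.sha256(good).hexdigest()})
```

Run `audit_mu_plugins` against the real WordPress root with a baseline stored off the web server, and investigate every finding whose status is not `ok`.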

Admin User Manipulation

According to a comprehensive report by Sucuri, the plugin goes beyond its initial infiltration: it creates and conceals admin user accounts, exploiting the access levels inherent in compromised wp-admin administrator users. Sucuri security researcher Ben Martin notes, “installing plugins is certainly one of the key abilities that WordPress admins possess.”

Credit Card Data Exfiltration

The primary concern is the deployment of a credit-card-stealing backdoor that enables the unauthorized extraction of sensitive credit card data. This tactic poses a serious threat to the security and trustworthiness of e-commerce platforms.

Sucuri’s Insight

Sucuri’s research sheds light on the methodology behind these attacks. The plugin’s ability to operate within the constraints of existing access levels underscores the sophistication of contemporary cyber threats. Sucuri emphasizes the need for heightened vigilance, given the prevalence of WordPress infections originating from compromised administrator users.

Recent Discoveries

This revelation comes on the heels of Sucuri’s prior discovery of a fake WordPress patch designed to enable persistent remote access. The evolving nature of cyber threats underscores the importance of robust security measures in safeguarding digital assets.

The Magecart attacks involving a malicious WordPress plugin signal a new frontier in cyber threats targeting e-commerce platforms. Heightened security measures, regular audits, and prompt updates are imperative to shield against these evolving threats.

