WordPress WooCommerce Sites Hit by Sophisticated Malware

Cyber Security News by CyberSum.net

Published on October 31, 2025 at 09:00 PM

3 sources

The Wordfence Threat Intelligence Team has uncovered a highly sophisticated malware campaign targeting WordPress e-commerce sites using the WooCommerce plugin. The malware, disguised as a rogue plugin, employs advanced techniques such as custom encryption, fake images to hide payloads, and remote command access. It logs user credentials, establishes backdoors, and injects JavaScript skimmers into checkout pages to steal credit card data. The campaign is attributed to Magecart Group 12, known for persistent credit card skimming activities.

Also Read

TruffleNet: Cloud Credential Abuse for BEC Fraud

Fortinet’s FortiGuard Labs identified a widespread cloud abuse campaign, TruffleNet, exploiting stolen AWS credentials for large-scale Business Email Compromise (BEC) and email fraud. The campaign leverages over 800 unique hosts across 57 networks, showcasing advanced automation and operational discipline. Attackers use tools like TruffleHog and Portainer to validate credentials and orchestrate fraudulent activities, resulting in significant financial losses and data breaches.

By Cyber Security News by CyberSum.netNovember 4, 2025 at 12:00 AM