Cybercriminals are now injecting credit card swipers on random plugins from e-commerce WordPress sites to carry out credit card theft.
The process begins with hacking into WordPress sites, while also injecting a backdoor into the site, which allows them to keep their access to the site even after installing updates.
After that, the cybercriminals go further and add their malicious code to random plugins.
Administrators should follow several steps to protect themselves against card snatchers, including limiting the wp-admin range to specific IP addresses only.
Once this step has been taken, the threat actors will not be able to access the site, even after stealing administrator cookies and injecting a backdoor.
In addition, administrators are advised to conduct integrity monitoring through the use of active server-side scanners to ensure that no code changes last too long before they are detected.
Organizations should also develop the habit of reading logs and looking deeply into the details.